Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.2.1
-
None
-
CVE-2021-44832
Description
Possible to get Apache Log4j2 bumped up to version 2.17.1 in Tika? I didn't see it mentioned in the pre-release notes for Tika 2.3.0 so I thought I'd ask here. Since it seems like log4j2 changes have ceased being a moving target, it'd be excellent to just have the latest and greatest version.
Attachments
Issue Links
- is duplicated by
-
TIKA-3638 Log4J vulnerability mitigation by upgrading to latest
- Resolved