Release Notes / Version 11.2304
Table Of ContentsThird-Party Update: Apache Tika and Transitive Dependencies
Apache Tika has been updated to version 2.3.0. As part of this change, the following transitive dependencies of Apache Tika have been updated to match versions used by Tika. This includes an update of Apache POI to fix security issue CVE-2022-2633.
Updated dependencies:
Apache Commons IO 2.11.0
Apache Log4J API and SLF4J Adapter 2.17.2
Apache PDFBox 2.0.25
Apache POI 5.2.2
Apache Tika 2.3.0
Apache XMLBeans 5.0.3
BouncyCastle 1.70
Curves API 1.07
Glassfish JAXB 2.3.6
Rome 1.18.0
SLF4J 1.7.36
If you use these libraries in project code, please check their respective release notes for changes and upgrade information. No changes were necessary in the CoreMedia Blueprint for these updates.
(CMS-21111)