UbuntuUpdates.org

Package "tika"

Name: tika

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Apache Tika - content analysis toolkit

Latest version: 1.5-4ubuntu0.1
Release: xenial (16.04)
Level: updates
Repository: universe

Links



Other versions of "tika" in Xenial

Repository Area Version
base universe 1.5-4
security universe 1.5-4ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.5-4ubuntu0.1 2020-09-24 15:06:21 UTC

  tika (1.5-4ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Infinite Loop (DoS) vulnerability.
    - debian/patches/09-psdparser-cve.patch: Add xmp extraction from PSD
      files.
    - CVE-2020-1950
    - CVE-2020-1951

 -- Paulo Flabiano Smorigo <email address hidden> Tue, 22 Sep 2020 20:07:03 +0000

CVE-2020-1950 A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23.
CVE-2020-1951 A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.



About   -   Send Feedback to @ubuntu_updates