File: changelog

package info (click to toggle)
tika 1.22-2
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, sid
  • size: 60,180 kB
  • sloc: java: 117,392; xml: 13,548; python: 1,105; makefile: 2
file content (123 lines) | stat: -rw-r--r-- 4,620 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
 
tika (1.22-2) unstable; urgency=medium

  * Cherrypick upstream commit to address CVE-2020-1950 and CVE-2020-1951
   (Closes: #954303, #954302)

 -- Moritz Muehlenhoff <jmm@debian.org>  Sun, 31 Jan 2021 22:18:47 +0100

tika (1.22-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2019-10088: A carefully crafted or corrupt zip file can cause
      an out of memory error in RecursiveParserWrapper (Closes: #933744)
    - Fixes CVE-2019-10094: A carefully crafted package/compressed file that,
      when unzipped/uncompressed yields the same file (a quine), causes a stack
      overflow error in RecursiveParserWrapper (Closes: #933746)
    - Fixes CVE-2019-10093: A carefully crafted 2003ml or 2006ml file could
      consume all available SAXParsers in the pool and lead to very long hangs.
      (Closes: #933745)
    - Refreshed the patches
    - Ignore the new dependency on c3p0 (not used)

 -- Emmanuel Bourg <ebourg@apache.org>  Mon, 05 Aug 2019 11:41:25 +0200

tika (1.21-1) unstable; urgency=medium

  * New upstream release
    - Refreshed the patches
    - New dependency on libprotobuf-java
    - Ignore the build dependency on ossindex-maven-plugin
    - Ignore the new dependency on jakarta.activation (not used)
  * Standards-Version updated to 4.4.0

 -- Emmanuel Bourg <ebourg@apache.org>  Thu, 11 Jul 2019 22:48:11 +0200

tika (1.20-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2018-8017: Infinite loop in the IptcAnpaParser (Closes: #914643)
    - Refreshed the patches
    - New dependency on libgeronimo-annotation-1.3-spec-java
    - Depend on libapache-poi-java (>= 4.0)
    - New build dependency on libmaven-shade-plugin-java

 -- Emmanuel Bourg <ebourg@apache.org>  Tue, 22 Jan 2019 10:19:46 +0100

tika (1.18-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2016-4434: XML External Entity vulnerability (Closes: #825501)
    - Fixes CVE-2018-1339: Infinite loop in the CHM parser (Closes: #900000)
    - Refreshed the patches
    - Ignore the new dl, eval, langdetect and nlp modules
    - New dependencies on libcommons-exec-java, libjackson2-annotations-java,
      libjackson2-core-java, libjackson2-databind-java, libhttpmime-java,
      libjsoup-java, libuima-core-java, libandroid-json-org-java
      and libjson-simple-java
    - Depend on libpdfbox2-java instead of libpdfbox-java
    - Depend on librome-java (>= 1.6)
    - Depend on libapache-mime4j-java (>= 0.8.1)
    - Depend on libapache-poi-java (>= 3.17)
    - Ignore the new parsers with missing dependencies
  * Enabled the mp4 parser
  * Fixed the build failure with Java 11

 -- Emmanuel Bourg <ebourg@apache.org>  Sun, 20 Jan 2019 00:08:04 +0100

tika (1.8-1) unstable; urgency=medium

  * New upstream release
    - Refreshed the patches
    - Build the new tika-serialization and tika-batch modules
    - Fixed the compatibility with the version of metadata-extractor in Debian
    - New dependency on libcommons-csv-java
    - Depend on libapache-poi-java (>= 3.11)
  * Fixed the build failure with libmetadata-extractor-java 2.10
  * Merged and simplified the patches disabling unsupported parsers
  * Standards-Version updated to 4.3.0
  * Switch to debhelper level 11
  * Use salsa.debian.org Vcs-* URLs

 -- Emmanuel Bourg <ebourg@apache.org>  Mon, 07 Jan 2019 00:56:25 +0100

tika (1.5-5) unstable; urgency=medium

  * Enabled JHighlight support
  * Depend on libasm-java (>= 5.0) instead of libasm4-java
  * Build with the DH sequencer instead of CDBS
  * Standards-Version updated to 3.9.8
  * Use a secure Vcs-Git URL
  * debian/watch: Track the release tags on GitHub

 -- Emmanuel Bourg <ebourg@apache.org>  Tue, 04 Oct 2016 15:38:26 +0200

tika (1.5-4) unstable; urgency=medium

  * Team upload.
  * Add 08-bouncycastle-1.51.patch and fix FTBFS with bouncycastle 1.51.

 -- Markus Koschany <apo@debian.org>  Sun, 06 Dec 2015 16:13:18 +0100

tika (1.5-3) unstable; urgency=medium

  * Team upload.
  * Add a new maven rule for bnd >= 2.1.0.
  * Tighten build dependency on bnd.
  * Vcs-Browser: Use https.

 -- Markus Koschany <apo@debian.org>  Sat, 21 Nov 2015 14:28:08 +0100

tika (1.5-2) unstable; urgency=medium

  * Depend on libmetadata-extractor-java >= 2.7.2
  * Tightened the dependency on libapache-poi-java
  * Added a build dependency on libvorbis-java
  * Standards-Version updated to 3.9.6 (no changes)

 -- Emmanuel Bourg <ebourg@apache.org>  Mon, 01 Jun 2015 00:58:29 +0200

tika (1.5-1) unstable; urgency=medium

  * Initial release (Closes: #499606)

 -- Emmanuel Bourg <ebourg@apache.org>  Thu, 17 Jul 2014 12:08:17 +0200