/aut

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Apache Tika - security vulnerabilities; resolves #131. #285

Merged
merged 1 commit into from Oct 17, 2018

Conversation

Reviewers

@ianmilligan1 ianmilligan1

@lintool lintool

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@ruebot @codecov-io @ianmilligan1
@ruebot
Member

ruebot commented Oct 17, 2018
edited

GitHub issue(s): #131

What does this Pull Request do?

Update Apache Tika to 1.19.1 for the following security vulnerabilities:

  • CVE-2018-1338
  • CVE-2018-11762
  • CVE-2018-11761
  • CVE-2016-6809
  • CVE-2018-1339
  • CVE-2018-11796
  • CVE-2016-4434
  • CVE-2018-1335

How should this be tested?

TravisCI should take care of it. If there is any language analysis scripts laying around, we should double check those.

Additional Notes:

This creates a build warning:

[WARNING] /home/nruest/git/aut/src/main/scala/io/archivesunleashed/matchbox/DetectLanguage.scala:33: warning: class LanguageIdentifier in package language is deprecated: see corresponding Javadoc for more information.
[INFO]       new LanguageIdentifier(input).getLanguage
[INFO]           ^
[WARNING] one warning found

Follow-on ticket #286
@ruebot
Update Apache Tika - security vulnerabilities; resolves #131. 
- CVE-2018-1338
- CVE-2018-11762
- CVE-2018-11761
- CVE-2016-6809
- CVE-2018-1339
- CVE-2018-11796
- CVE-2016-4434
- CVE-2018-1335
Verified
This commit was signed with a verified signature.
@ruebot ruebot Nick Ruest
GPG key ID: 417FAF1A0E1080CD Learn about signing commits
Loading status checks…
1f27d8e

@ruebot ruebot requested review from ianmilligan1 and lintool Oct 17, 2018

@ruebot ruebot referenced this pull request Oct 17, 2018

Open

DetectLanguage.scala: class LanguageIdentifier in package language is deprecated #286

@ianmilligan1

ianmilligan1 approved these changes Oct 17, 2018
View changes

Looks good to me! Out of curiosity, tested the .keepLanguages command and all still works.

@ruebot

This comment has been minimized.

Show comment
Hide comment
@ruebot

ruebot Oct 17, 2018

Member

phew
Member

ruebot commented Oct 17, 2018

phew
@codecov-io

This comment has been minimized.

Show comment
Hide comment
@codecov-io

codecov-io Oct 17, 2018

Codecov Report

Merging #285 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #285   +/-   ##
=======================================
  Coverage   70.36%   70.36%           
=======================================
  Files          41       41           
  Lines        1046     1046           
  Branches      192      192           
=======================================
  Hits          736      736           
  Misses        244      244           
  Partials       66       66

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0d4f9bb...1f27d8e. Read the comment docs.

codecov-io commented Oct 17, 2018

Codecov Report

Merging #285 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #285   +/-   ##
=======================================
  Coverage   70.36%   70.36%           
=======================================
  Files          41       41           
  Lines        1046     1046           
  Branches      192      192           
=======================================
  Hits          736      736           
  Misses        244      244           
  Partials       66       66

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0d4f9bb...1f27d8e. Read the comment docs.

@ianmilligan1 ianmilligan1 merged commit b9260be into master Oct 17, 2018
3 checks passed

3 checks passed

codecov/patch Coverage not affected when comparing 0d4f9bb...1f27d8e
Details
codecov/project 70.36% remains the same compared to 0d4f9bb
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@ianmilligan1 ianmilligan1 deleted the issue-131 branch Oct 17, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment