tika-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kaifeng Huang (JIRA)" <j...@apache.org>
Subject [jira] [Created] (TIKA-2828) Your project apache/tika is using buggy third-party libraries [WARNING]
Date Fri, 15 Feb 2019 09:23:00 GMT
Kaifeng Huang created TIKA-2828:
-----------------------------------

             Summary: Your project apache/tika is using buggy third-party libraries [WARNING]
                 Key: TIKA-2828
                 URL: https://issues.apache.org/jira/browse/TIKA-2828
             Project: Tika
          Issue Type: Bug
            Reporter: Kaifeng Huang



Hi, there!

    We are a research team working on third-party library analysis. We have found that some
widely-used third-party libraries in your project have major/critical bugs, which will degrade
the quality of your project. We highly recommend you to update those libraries to new versions.

    We have attached the buggy third-party libraries and corresponding jira issue links below
for you to have more detailed information.

	1. commons-codec commons-codec
	version: 1.11

	Jira issues:
	InputStream not closed
	affectsVersions:1.10,1.11
	https://issues.apache.org/jira/projects/CODEC/issues/CODEC-225?filter=allopenissues


	2. org.apache.httpcomponents httpclient
	version: 4.5.6

	Jira issues:
	Support relatively new HTTP 308 redirect - RFC7538
	affectsVersions:3.1 (end of life),4.5.6
	https://issues.apache.org/jira/projects/HTTPCLIENT/issues/HTTPCLIENT-1946?filter=allopenissues


	3. commons-io commons-io
	version: 2.6

	Jira issues:
	.gitattributes not correctly applied
	affectsVersions:2.6
	https://issues.apache.org/jira/projects/IO/issues/IO-516?filter=allopenissues
	FilenameUtils.normalize should verify hostname syntax in UNC path
	affectsVersions:2.6
	https://issues.apache.org/jira/projects/IO/issues/IO-559?filter=allopenissues
	Missing Javadoc in FilenameUtils causing Travis-CI build to fail
	affectsVersions:2.6
	https://issues.apache.org/jira/projects/IO/issues/IO-570?filter=allopenissues




Sincerely~
FDU Software Engineering Lab
Feb 15th, 2019




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message