Upstream has issued advisories on April 25: http://openwall.com/lists/oss-security/2018/04/25/6 http://openwall.com/lists/oss-security/2018/04/25/7 http://openwall.com/lists/oss-security/2018/04/25/8 The issues are fixed upstream in 1.18. Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO
Status comment: (none) => Fixed upstream in 1.18
Upstream has issued advisories today (September 19): https://www.openwall.com/lists/oss-security/2018/09/19/4 https://www.openwall.com/lists/oss-security/2018/09/19/5 https://www.openwall.com/lists/oss-security/2018/09/19/6 The issues are fixed upstream in 1.19.
Summary: tika new security issues CVE-2018-133[589] => tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12]Status comment: Fixed upstream in 1.18 => Fixed upstream in 1.19Blocks: (none) => 18557
Upstream has issued an advisory on October 9: https://www.openwall.com/lists/oss-security/2018/10/09/7 The issue is fixed upstream in 1.19.1.
Summary: tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12] => tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796Status comment: Fixed upstream in 1.19 => Fixed upstream in 1.19.1
Upstream has issued an advisory today (December 22): https://www.openwall.com/lists/oss-security/2018/12/22/2 The issue is fixed upstream in 1.20.
Source RPM: tika-1.12-1.mga6.src.rpm => tika-1.17-1.mga7.src.rpmStatus comment: Fixed upstream in 1.19.1 => Fixed upstream in 1.20Summary: tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796 => tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197
Whiteboard: MGA6TOO => MGA7TOO, MGA6TOO
Upstream has issued advisories on August 2: https://www.openwall.com/lists/oss-security/2019/08/02/2 https://www.openwall.com/lists/oss-security/2019/08/02/4 The issues are fixed upstream in 1.22.
Status comment: Fixed upstream in 1.20 => Fixed upstream in 1.22Summary: tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197 => tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197, CVE-2019-10088, CVE-2019-10094
Upstream has issued advisories today (March 18): https://www.openwall.com/lists/oss-security/2020/03/18/3 https://www.openwall.com/lists/oss-security/2020/03/18/4 The issues are fixed upstream in 1.24.
Status comment: Fixed upstream in 1.22 => Fixed upstream in 1.24
(In reply to David Walser from comment #5) > Upstream has issued advisories today (March 18): > https://www.openwall.com/lists/oss-security/2020/03/18/3 > https://www.openwall.com/lists/oss-security/2020/03/18/4 > > The issues are fixed upstream in 1.24. Debian-LTS has issued an advisory for this on March 28: https://www.debian.org/lts/security/2020/dla-2161
Summary: tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197, CVE-2019-10088, CVE-2019-10094 => tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197, CVE-2019-195[01], CVE-2019-10088, CVE-2019-10094
CC: (none) => mageiaWhiteboard: MGA7TOO, MGA6TOO => MGA7TOO
Ubuntu has issued an advisory for this on October 5: https://ubuntu.com/security/notices/USN-4564-1
Summary: tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197, CVE-2019-195[01], CVE-2019-10088, CVE-2019-10094 => tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197, CVE-2019-10088, CVE-2019-10094, CVE-2020-195[01]
not in cauldron anymore
Whiteboard: MGA7TOO => (none)Version: Cauldron => 7
*** Bug 28082 has been marked as a duplicate of this bug. ***
CC: (none) => zombie_ryushu
Apache has issued an advisory today (March 30): https://www.openwall.com/lists/oss-security/2021/03/30/3 The issue is fixed upstream in 1.26.
Summary: tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197, CVE-2019-10088, CVE-2019-10094, CVE-2020-195[01] => tika new security issues CVE-2018-133[589], CVE-2018-8017, CVE-2018-1176[12], CVE-2018-11796, CVE-2018-17197, CVE-2019-10088, CVE-2019-10094, CVE-2020-195[01], CVE-2021-28657Status comment: Fixed upstream in 1.24 => Fixed upstream in 1.26
https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/
Resolution: (none) => OLDStatus: NEW => RESOLVED