Skip to content

Release 10.0.2(CVE-2021-44228)
Compare
Choose a tag to compare
@dkd-kaehm dkd-kaehm released this 17 Dec 16:04
· 2 commits to release-10.0.x since this release
10.0.2
655dc9a

We are happy to release version 10.0.2 of EXT:tika.

Important:

This version contains CVE-2021-44228 fixes for users, who starting
the Tika Server-daemons within TYPO3 BE or using Tika app modes.
All users using dedicated Tika server or Apache Solr Tika cell connections do not benefit from the update
and should harden the Solr Servers and/or Tika Servers with official CVE-2021-44228 patches manually.

Manual action required for Tika App or enabled Tika Server module

Please note that the release does not automatically include security measures against CVE-2021-44228. Rather, it is
now possible to specify additional parameters that can be passed when the java binary is executed.
The parameters can be set using the extension configuration javaCommandOptions.
Example:

# LocalConfiguration.php
return [
    'EXTENSIONS' => [
        'tika' => [
            'javaCommandOptions' => '-Dlog4j2.formatMsgNoLookups=true',
        ],       
    ],
];

New in this release

  • [BUGFIX:BP:10] Handle custom java command options for server module as well (#177)

Contributors

Like always this release would not have been possible without the help from our
awesome community. Here are the contributors to this release.

(patches, comments, bug reports, reviews, ... in alphabetical order)

Also a big thanks to our partners that have joined the EB2021 program:

  • +Pluswerk AG
  • 711media websolutions GmbH
  • Abt Sportsline GmbH
  • ACO Severin Ahlmann GmbH & Co. KG
  • AVM Computersysteme Vertriebs GmbH
  • cosmoblonde GmbH
  • creativ clicks GmbH
  • cron IT GmbH
  • CS2 AG
  • CW Media & Systems
  • Earlybird GmbH & Co KG
  • FLOWSITE GmbH
  • form4 GmbH & Co. KG
  • Getdesigned GmbH
  • Granpasso Digital Strategy GmbH
  • Ikanos GmbH
  • internezzo ag
  • Intersim AG
  • Ion2s GmbH
  • Leitgab Gernot
  • mellowmessage GmbH
  • Moselwal Digitalagentur UG (haftungsbeschränkt)
  • network.publishing Möller-Westbunk GmbH
  • OST Ostschweizer Fachhochschule
  • Plan.Net Suisse AG
  • Provitex GmbH
  • punkt.de GmbH
  • queo GmbH
  • Rechnungshof
  • Schoene neue kinder GmbH
  • SIT GmbH
  • SIZ GmbH
  • Stämpfli AG
  • Triplesense Reply Frankfurt
  • TWT reality bytes GmbH
  • visol digitale Dienstleistungen GmbH
  • Web Commerce GmbH
  • webconsulting business services gmbh
  • webschuppen GmbH
  • Webstobe GmbH
  • Webtech AG
  • wow! solution
  • XIMA MEDIA GmbH
  • Bundesanstalt Statistik Österreich
  • ECOS TECHNOLOGY GMBH
  • Fachhochschule Erfurt
  • Hochschule Furtwangen - IMZ Online-Services
  • Hochschule Niederrhein University of Applied Sciences
  • l'Autorité des marchés financiers
  • La Financière agricole du Québec
  • LfdA - Labor für digitale Angelegenheiten GmbH

How to Get Involved

There are many ways to get involved with Apache Solr for TYPO3:

  • Submit bug reports and feature requests on GitHub
  • Ask or help or answer questions in our Slack channel
  • Provide patches through Pull Request or review and comment on existing Pull Requests
  • Go to www.typo3-solr.com or call dkd to sponsor the ongoing development of Apache Solr for TYPO3

Support us by becoming an EB partner:

http://www.typo3-solr.com/en/contact/

or call:

+49 (0)69 - 2475218 0

Contributors

eliashaeussler
Assets 2
Loading