Apache OpenNLP 1.9.5
Apache OpenNLP 1.9.5
This is a maintenance release of the 1.9.x line addressing several security vulnerabilities affecting Apache Lucene 8.x and Solr 8.x which depend on OpenNLP 1.9.x.
Changes
- OPENNLP-1819: Align DictionaryEntryPersistor XML parsing with XmlUtil helper
- OPENNLP-1820: Restrict ExtensionLoader to allowlisted package prefixes
- OPENNLP-1821: Prevent OutOfMemory due to huge array allocation
- OPENNLP-1826: Fix for XML parser security options
- OPENNLP-1835: Tolerate unsupported XML parser security options
For further info : https://lists.apache.org/thread/nvzl4g2b6rc149nf54xpnorjso5h0mlp