Bump Tika from 2.4.0 to 2.5.0 addressing CVE-2022-33879. (#4791)

* Bump Tika from 2.4.0 to 2.5.0 addressing CVE-2022-33879.

Signed-off-by: Marc Handalian <handalm@amazon.com>

* Add missing SHAs.

Signed-off-by: Marc Handalian <handalm@amazon.com>

* Update changelog with PR info.

Signed-off-by: Marc Handalian <handalm@amazon.com>

Signed-off-by: Marc Handalian <handalm@amazon.com>

CHANGELOG.md

@@ -57,6 +57,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 - Bumps `hadoop-hdfs` from 3.3.3 to 3.3.4 ([#4644](https://github.com/opensearch-project/OpenSearch/pull/4644))
 - Bumps `jna` from 5.11.0 to 5.12.1 ([#4656](https://github.com/opensearch-project/OpenSearch/pull/4656))
 - Update Jackson Databind to 2.13.4.2 (addressing CVE-2022-42003) ([#4779](https://github.com/opensearch-project/OpenSearch/pull/4779))
+- Bumps `tika` from 2.4.0 to 2.5.0 ([#4791](https://github.com/opensearch-project/OpenSearch/pull/4791))
 ### Changed
 - Dependency updates (httpcore, mockito, slf4j, httpasyncclient, commons-codec) ([#4308](https://github.com/opensearch-project/OpenSearch/pull/4308))
 - Use RemoteSegmentStoreDirectory instead of RemoteDirectory ([#4240](https://github.com/opensearch-project/OpenSearch/pull/4240))

plugins/ingest-attachment/build.gradle

@@ -38,7 +38,7 @@ opensearchplugin {
 }
 
 versions << [
-  'tika'  : '2.4.0',
+  'tika'  : '2.5.0',
   'pdfbox': '2.0.25',
   'poi'   : '5.2.2',
   'mime4j': '0.8.3'

plugins/ingest-attachment/licenses/tika-core-2.5.0.jar.sha1

@@ -0,0 +1 @@
+7f9f35e4827726b062ac2b0ad0fd361837a50ac9

plugins/ingest-attachment/licenses/tika-langdetect-optimaize-2.5.0.jar.sha1

@@ -0,0 +1 @@
+649574dca8f19d991ac25894c40284446dc5cf50

plugins/ingest-attachment/licenses/tika-parsers-standard-package-2.5.0.jar.sha1

@@ -0,0 +1 @@
+2b9268511c34d8a1098f0565438cb8077fcf845d