Jacques Le Roux created OFBIZ-12205:
---------------------------------------
Summary: Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906
Key: OFBIZ-12205
URL:
https://issues.apache.org/jira/browse/OFBIZ-12205 Project: OFBiz
Issue Type: Bug
Components: Gradle
Affects Versions: Trunk
Reporter: Jacques Le Roux
Assignee: Jacques Le Roux
Currently we don't declare any dependency on PDFBox. I guess because it's used as a 3rd party by another lib. Fortunately it's easily done.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)