[jira] [Created] (OFBIZ-12205) Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Created] (OFBIZ-12205) Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906

Nicolas Malin (Jira)
Jacques Le Roux created OFBIZ-12205:
---------------------------------------

             Summary: Upgrade Apache PDFBox to 2.0.23  because of CVE-2021-27807 and CVE-2021-27906
                 Key: OFBIZ-12205
                 URL: https://issues.apache.org/jira/browse/OFBIZ-12205
             Project: OFBiz
          Issue Type: Bug
          Components: Gradle
    Affects Versions: Trunk
            Reporter: Jacques Le Roux
            Assignee: Jacques Le Roux


Currently we don't declare any dependency on PDFBox. I guess because it's used as a 3rd party by another lib. Fortunately it's easily done.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)