Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package apache-pdfbox for openSUSE:Factory checked in at 2021-04-22 18:03:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apache-pdfbox (Old) and /work/SRC/openSUSE:Factory/.apache-pdfbox.new.12324 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apache-pdfbox" Thu Apr 22 18:03:15 2021 rev:12 rq:885319 version:2.0.23 Changes: -------- --- /work/SRC/openSUSE:Factory/apache-pdfbox/apache-pdfbox.changes 2021-01-08 17:32:35.885148308 +0100 +++ /work/SRC/openSUSE:Factory/.apache-pdfbox.new.12324/apache-pdfbox.changes 2021-04-22 18:03:21.630450552 +0200 @@ -1,0 +2,29 @@ +Mon Apr 12 08:13:49 UTC 2021 - Pedro Monreal <pmonr...@suse.com> + +- Update to 2.0.23: + * Security fixes: + - CVE-2021-27807: A carefully crafted PDF file can trigger an + infinite loop while loading the file [bsc#1184356] + - CVE-2021-27906: OutOfMemory-Exception while loading a crafted + PDF file [bsc#1184357] + * Bug fixes: + - Transparency Group issues + - getLastSignatureDictionary modifies internal structure of PDDocument + - NullPointerexception in AcroFormOrphanWidgetsProcessor.resolveNonRootField() + - AcroForm PDTextField formatting lost when setting value + - java.lang.IndexOutOfBoundsException + - Failure to modify cropBox when splitting a PDF Page vertically into 2 pieces + - ArrayIndexOutOfBoundsException in isOwnerPassword + - IllegalArgumentException in computeEncryptedKeyRev56 + - IllegalArgumentException in PDFObjectStreamParser.privateReadObjectNumbers + - ClassCastException in COSStream.getFilterList + - ArrayIndexOutOfBoundsException in PDFXrefStreamParser.parseValue + * Improvements: + - Improve document signing + - Allow reuse of subsetted fonts by inverting the ToUnicode CMap + - improve performance in signature validation + - Add more checks to PDFXrefStreamParser and reduce memory footprint + - Use StringBuilder for key in PDDeviceN.toRGBWithTintTransform() + - Don't use RGB loop in PDDeviceN.toRGBWithTintTransform() + +------------------------------------------------------------------- Old: ---- pdfbox-2.0.22-build.tar.xz pdfbox-2.0.22-src.zip pdfbox-2.0.22-src.zip.asc New: ---- pdfbox-2.0.23-build.tar.xz pdfbox-2.0.23-src.zip pdfbox-2.0.23-src.zip.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apache-pdfbox.spec ++++++ --- /var/tmp/diff_new_pack.dKG9cJ/_old 2021-04-22 18:03:23.198452977 +0200 +++ /var/tmp/diff_new_pack.dKG9cJ/_new 2021-04-22 18:03:23.202452983 +0200 @@ -18,7 +18,7 @@ # Only fontbox and jempbox are built as pdfbox itself depends on Adobe's pcif. Name: apache-pdfbox -Version: 2.0.22 +Version: 2.0.23 Release: 0 Summary: Java PDF Library License: Apache-2.0 AND OFL-1.1 ++++++ pdfbox-2.0.22-build.tar.xz -> pdfbox-2.0.23-build.tar.xz ++++++ ++++ 2149 lines of diff (skipped)
