This is an automated email from the ASF dual-hosted git repository.

lehmi pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/pdfbox-docs.git


The following commit(s) were added to refs/heads/asf-site by this push:
     new 16a8373  Site checkin for project Apache PDFBox Website
16a8373 is described below

commit 16a83736d35134c3aa8e4c899be2632b2b11deb5
Author: Andreas Lehmkühler <andr...@lehmi.de>
AuthorDate: Fri Apr 12 16:24:11 2019 +0200

    Site checkin for project Apache PDFBox Website
---
 content/blog.html                                  |   9 ++
 content/index.html                                 |  27 ++---
 .../2019/04/12/CVE-2019-0228.html}                 | 110 +--------------------
 3 files changed, 27 insertions(+), 119 deletions(-)

diff --git a/content/blog.html b/content/blog.html
index 3997503..d818d6c 100644
--- a/content/blog.html
+++ b/content/blog.html
@@ -159,6 +159,15 @@
             <div class="col-xs-12 col-sm-9">
                 <h1 id="blog">Blog</h1>
 
+<h2>CVE-2019-0228 XML External Entity vulnerability<br 
/><small>2019-04-12</small></h2>
+<p>Due to a XML External Entity vulnerability we strongly recommend to update 
to the most recent version of Apache PDFBox.</p>
+
+<p><strong>Versions Affected:</strong>
+Apache PDFBox 2.0.14 only</p>
+
+<p><strong>Mitigation:</strong>
+Upgrade to Apache PDFBox 2.0.15</p>
+
 <h2>Apache PDFBox 2.0.15 released<br /><small>2019-04-11</small></h2>
 <p>The Apache PDFBox community is pleased to announce the release of
 Apache PDFBox version 2.0.15. It is available for download at:</p>
diff --git a/content/index.html b/content/index.html
index 29550c0..b3fab8e 100644
--- a/content/index.html
+++ b/content/index.html
@@ -166,13 +166,14 @@
     Apache PDFBox also includes several command-line utilities.
     Apache PDFBox is published under the Apache License v2.0.</p>
 
-<h2>Apache PDFBox 2.0.15 released<br /><small>2019-04-11</small></h2>
-<p>The Apache PDFBox community is pleased to announce the release of
-Apache PDFBox version 2.0.15. It is available for download at:</p>
+<h2>CVE-2019-0228 XML External Entity vulnerability<br 
/><small>2019-04-12</small></h2>
+<p>Due to a XML External Entity vulnerability we strongly recommend to update 
to the most recent version of Apache PDFBox.</p>
 
-<p><a 
href="https://pdfbox.apache.org/download.cgi";>https://pdfbox.apache.org/download.cgi</a></p>
+<p><strong>Versions Affected:</strong>
+Apache PDFBox 2.0.14 only</p>
 
-<p>See the <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12344997";>full
 release notes</a> for details about this release.</p>
+<p><strong>Mitigation:</strong>
+Upgrade to Apache PDFBox 2.0.15</p>
 
 <h2 id="getting-help">Getting Help</h2>
 
@@ -225,6 +226,14 @@ skills. Subscribe to the <a 
href="/mailinglists.html">Mailing Lists</a> and find
 
 <h2 id="news">News</h2>
 
+<h3>Apache PDFBox 2.0.15 released<br /><small>2019-04-11</small></h3>
+<p>The Apache PDFBox community is pleased to announce the release of
+Apache PDFBox version 2.0.15. It is available for download at:</p>
+
+<p><a 
href="https://pdfbox.apache.org/download.cgi";>https://pdfbox.apache.org/download.cgi</a></p>
+
+<p>See the <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12344997";>full
 release notes</a> for details about this release.</p>
+
 <h3>Apache PDFBox 2.0.14 released<br /><small>2019-02-28</small></h3>
 <p>The Apache PDFBox community is pleased to announce the release of
 Apache PDFBox version 2.0.14. It is available for download at:</p>
@@ -258,14 +267,6 @@ Apache PDFBox version 1.8.16 and 2.0.12. They are 
available for download at:</p>
 
 <p>See the full release notes <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12343490";>1.8.16</a>
 and <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12343489";>2.0.12</a>
 for details about this release.</p>
 
-<h3>Apache PBFBox JBIG2 ImageIO plugin 3.0.2 released<br 
/><small>2018-09-25</small></h3>
-<p>The Apache PDFBox community is pleased to announce the release of
-Apache PDFBox JBIG2 ImageIO plugin version 3.0.2. It is available for download 
at:</p>
-
-<p><a 
href="https://pdfbox.apache.org/download.cgi";>https://pdfbox.apache.org/download.cgi</a></p>
-
-<p>See the <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12343308";>full
 release notes</a> for details about this release.</p>
-
 
             </div>
         </div>
diff --git a/content/index.html b/content/news/2019/04/12/CVE-2019-0228.html
similarity index 66%
copy from content/index.html
copy to content/news/2019/04/12/CVE-2019-0228.html
index 29550c0..107b87d 100644
--- a/content/index.html
+++ b/content/news/2019/04/12/CVE-2019-0228.html
@@ -26,7 +26,7 @@
     <meta name="description" content="The Apache PDFBox™ library is an open 
source Java tool for working with PDF documents. This project allows creation 
of new PDF documents, manipulation of existing documents and the ability to 
extract content from documents. Apache PDFBox also includes several 
command-line utilities. Apache PDFBox is published under the Apache License 
v2.0.
 ">
 
-    <title>Apache PDFBox | A Java PDF Library</title>
+    <title>Apache PDFBox | CVE-2019-0228 XML External Entity 
vulnerability</title>
 
     <link href="/bootstrap/css/bootstrap.min.css" rel="stylesheet">
     <link href="/css/pygments-github.css" rel="stylesheet">
@@ -157,115 +157,13 @@
                <a 
href="https://www.apache.org/foundation/contributing.html";><img width="135" 
src="/images/SupportApache.jpg"></a>
             </div>
             <div class="col-xs-12 col-sm-9">
-                <h1 id="apache-pdfbox---a-java-pdf-library">Apache 
PDFBox<sup>®</sup> - A Java PDF Library</h1>
-
-<p class="lead">The Apache PDFBox<sup>&reg;</sup> library is an open source 
Java tool for working with
-    PDF documents. This project allows creation of new PDF documents, 
manipulation of existing
-    documents and the ability to extract content from documents.
-
-    Apache PDFBox also includes several command-line utilities.
-    Apache PDFBox is published under the Apache License v2.0.</p>
-
-<h2>Apache PDFBox 2.0.15 released<br /><small>2019-04-11</small></h2>
-<p>The Apache PDFBox community is pleased to announce the release of
-Apache PDFBox version 2.0.15. It is available for download at:</p>
-
-<p><a 
href="https://pdfbox.apache.org/download.cgi";>https://pdfbox.apache.org/download.cgi</a></p>
-
-<p>See the <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12344997";>full
 release notes</a> for details about this release.</p>
-
-<h2 id="getting-help">Getting Help</h2>
-
-<p>To get help on using PDFBox, please <a 
href="mailto:users-subscr...@pdfbox.apache.org";>Subscribe to the Users Mailing 
List</a> and post your
-questions there. We’re happy to help.</p>
-
-<p>The project is a volunteer effort and we’re always looking for interested 
people to help
-us improve PDFBox. There are a multitude of ways that you can help us 
depending on your
-skills. Subscribe to the <a href="/mailinglists.html">Mailing Lists</a> and 
find out how you can help.</p>
-
-<h2 id="features">Features</h2>
-
-<div class="row">
-    <div class="col-md-3">
-        <header><h4><svg aria-hidden="true" class="open-iconic 
open-iconic-box" width="8" height="8" viewBox="0 0 8 8" role="img" 
version="1.1" alt="box image"><path d="M0 0v1h8v-1h-8zm0 2v5.91c0 
.05.04.09.09.09h7.81c.05 0 .09-.04.09-.09v-5.91h-2.97v1.03h-2.03v-1.03h-3z" 
/></svg>Extract Text</h4></header>
-        <p>Extract Unicode text from PDF files.</p>
-    </div>
-    <div class="col-md-3">
-        <header><h4><svg aria-hidden="true" class="open-iconic 
open-iconic-box" width="8" height="8" viewBox="0 0 8 8" role="img" 
version="1.1" alt="box image"><path d="M0 0v1h8v-1h-8zm0 2v5.91c0 
.05.04.09.09.09h7.81c.05 0 .09-.04.09-.09v-5.91h-2.97v1.03h-2.03v-1.03h-3z" 
/></svg>Split &amp; Merge</h4></header>
-        <p>Split a single PDF into many files or merge multiple PDF files.</p>
-    </div>
-    <div class="col-md-3">
-        <header><h4><svg aria-hidden="true" class="open-iconic 
open-iconic-box" width="8" height="8" viewBox="0 0 8 8" role="img" 
version="1.1" alt="box image"><path d="M0 0v1h8v-1h-8zm0 2v5.91c0 
.05.04.09.09.09h7.81c.05 0 .09-.04.09-.09v-5.91h-2.97v1.03h-2.03v-1.03h-3z" 
/></svg>Fill Forms</h4></header>
-        <p>Extract data from PDF forms or fill a PDF form.</p>
-    </div>
-    <div class="col-md-3">
-        <header><h4><svg aria-hidden="true" class="open-iconic 
open-iconic-box" width="8" height="8" viewBox="0 0 8 8" role="img" 
version="1.1" alt="box image"><path d="M0 0v1h8v-1h-8zm0 2v5.91c0 
.05.04.09.09.09h7.81c.05 0 .09-.04.09-.09v-5.91h-2.97v1.03h-2.03v-1.03h-3z" 
/></svg>Preflight</h4></header>
-        <p>Validate PDF files against the PDF/A-1b standard.</p>
-    </div>
-</div>
-
-<div class="row">
-    <div class="col-md-3">
-        <header><h4><svg aria-hidden="true" class="open-iconic 
open-iconic-box" width="8" height="8" viewBox="0 0 8 8" role="img" 
version="1.1" alt="box image"><path d="M0 0v1h8v-1h-8zm0 2v5.91c0 
.05.04.09.09.09h7.81c.05 0 .09-.04.09-.09v-5.91h-2.97v1.03h-2.03v-1.03h-3z" 
/></svg>Print</h4></header>
-        <p>Print a PDF file using the standard Java printing API.</p>
-    </div>
-    <div class="col-md-3">
-        <header><h4><svg aria-hidden="true" class="open-iconic 
open-iconic-box" width="8" height="8" viewBox="0 0 8 8" role="img" 
version="1.1" alt="box image"><path d="M0 0v1h8v-1h-8zm0 2v5.91c0 
.05.04.09.09.09h7.81c.05 0 .09-.04.09-.09v-5.91h-2.97v1.03h-2.03v-1.03h-3z" 
/></svg>Save as Image</h4></header>
-        <p>Save PDFs as image files, such as PNG or JPEG.</p>
-    </div>
-    <div class="col-md-3">
-        <header><h4><svg aria-hidden="true" class="open-iconic 
open-iconic-box" width="8" height="8" viewBox="0 0 8 8" role="img" 
version="1.1" alt="box image"><path d="M0 0v1h8v-1h-8zm0 2v5.91c0 
.05.04.09.09.09h7.81c.05 0 .09-.04.09-.09v-5.91h-2.97v1.03h-2.03v-1.03h-3z" 
/></svg>Create PDFs</h4></header>
-        <p>Create a PDF from scratch, with embedded fonts and images.</p>
-    </div>
-    <div class="col-md-3">
-        <header><h4><svg aria-hidden="true" class="open-iconic 
open-iconic-box" width="8" height="8" viewBox="0 0 8 8" role="img" 
version="1.1" alt="box image"><path d="M0 0v1h8v-1h-8zm0 2v5.91c0 
.05.04.09.09.09h7.81c.05 0 .09-.04.09-.09v-5.91h-2.97v1.03h-2.03v-1.03h-3z" 
/></svg>Signing</h4></header>
-        <p>Digitally sign PDF files.</p>
-    </div>
-</div>
-
-<h2 id="news">News</h2>
-
-<h3>Apache PDFBox 2.0.14 released<br /><small>2019-02-28</small></h3>
-<p>The Apache PDFBox community is pleased to announce the release of
-Apache PDFBox version 2.0.14. It is available for download at:</p>
-
-<p><a 
href="https://pdfbox.apache.org/download.cgi";>https://pdfbox.apache.org/download.cgi</a></p>
-
-<p>See the <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12344563";>full
 release notes</a> for details about this release.</p>
-
-<h3>Apache PDFBox 2.0.13 released<br /><small>2018-12-02</small></h3>
-<p>The Apache PDFBox community is pleased to announce the release of
-Apache PDFBox version 2.0.13. It is available for download at:</p>
-
-<p><a 
href="https://pdfbox.apache.org/download.cgi";>https://pdfbox.apache.org/download.cgi</a></p>
-
-<p>See the <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12344153";>full
 release notes</a> for details about this release.</p>
-
-<h3>[CVE-2018-11797] DoS vulnerability in Apache PDFBox parser<br 
/><small>2018-10-05</small></h3>
-<p>DoS vulnerability in Apache PDFBox parser we strongly recommend to update 
to the most recent version of Apache PDFBox.</p>
+                <p>Due to a XML External Entity vulnerability we strongly 
recommend to update to the most recent version of Apache PDFBox.</p>
 
 <p><strong>Versions Affected:</strong>
-Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11. Earlier, unsupported 
versions may be affected as well.</p>
+Apache PDFBox 2.0.14 only</p>
 
 <p><strong>Mitigation:</strong>
-Upgrade to Apache PDFBox 1.8.16 respectively 2.0.12</p>
-
-<h3>Apache PDFBox 1.8.16 and 2.0.12 released<br 
/><small>2018-10-05</small></h3>
-<p>The Apache PDFBox community is pleased to announce the release of
-Apache PDFBox version 1.8.16 and 2.0.12. They are available for download 
at:</p>
-
-<p><a 
href="https://pdfbox.apache.org/download.cgi";>https://pdfbox.apache.org/download.cgi</a></p>
-
-<p>See the full release notes <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12343490";>1.8.16</a>
 and <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12343489";>2.0.12</a>
 for details about this release.</p>
-
-<h3>Apache PBFBox JBIG2 ImageIO plugin 3.0.2 released<br 
/><small>2018-09-25</small></h3>
-<p>The Apache PDFBox community is pleased to announce the release of
-Apache PDFBox JBIG2 ImageIO plugin version 3.0.2. It is available for download 
at:</p>
-
-<p><a 
href="https://pdfbox.apache.org/download.cgi";>https://pdfbox.apache.org/download.cgi</a></p>
-
-<p>See the <a 
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12343308";>full
 release notes</a> for details about this release.</p>
-
+Upgrade to Apache PDFBox 2.0.15</p>
 
             </div>
         </div>

Reply via email to