[jira] [Created] (PDFBOX-3865) Add OWASP dependency-check to build

Tilman Hausherr (JIRA) Tue, 11 Jul 2017 08:16:01 -0700

Tilman Hausherr created PDFBOX-3865:
---------------------------------------


             Summary: Add OWASP dependency-check to build
                 Key: PDFBOX-3865
                 URL: https://issues.apache.org/jira/browse/PDFBOX-3865
             Project: PDFBox
          Issue Type: Task
    Affects Versions: 2.0.6, 3.0.0
            Reporter: Tilman Hausherr
            Assignee: Tilman Hausherr
             Fix For: 2.0.7, 3.0.0


https://github.com/jeremylong/dependency-check-gradle#current-release
checks the build against known security issues. I tried it with a project that 
linked pdfbox 2.0.0 (has XXE vulnerability) and yes, the build stopped.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (PDFBOX-3865) Add OWASP dependency-check to build

Reply via email to