Kaifeng Huang created PDFBOX-4465:
-------------------------------------
Summary: Your project apache/pdfbox is using buggy third-party
libraries [WARNING]
Key: PDFBOX-4465
URL: https://issues.apache.org/jira/browse/PDFBOX-4465
Project: PDFBox
Issue Type: Bug
Reporter: Kaifeng Huang
Hi, there!
We are a research team working on third-party library analysis. We have
found that some widely-used third-party libraries in your project have
major/critical bugs, which will degrade the quality of your project. We highly
recommend you to update those libraries to new versions.
We have attached the buggy third-party libraries and corresponding jira
issue links below for you to have more detailed information.
1. commons-logging commons-logging
version: 1.2
Jira issues:
BufferedReader is not closed properly
affectsVersions:1.1.1;1.2
https://issues.apache.org/jira/projects/LOGGING/issues/LOGGING-163?filter=allopenissues
2. commons-io commons-io
version: 2.6
Jira issues:
.gitattributes not correctly applied
affectsVersions:2.6
https://issues.apache.org/jira/projects/IO/issues/IO-516?filter=allopenissues
FilenameUtils.normalize should verify hostname syntax in UNC path
affectsVersions:2.6
https://issues.apache.org/jira/projects/IO/issues/IO-559?filter=allopenissues
Missing Javadoc in FilenameUtils causing Travis-CI build to fail
affectsVersions:2.6
https://issues.apache.org/jira/projects/IO/issues/IO-570?filter=allopenissues
Sincerely~
FDU Software Engineering Lab
Feb 15th, 2019
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
