Hi, find attached a quick draft of the board report we're expected to submit this month. It's based upon the report wizard template which can be found at [1]
Any comments or additions are appreciated ... <draft> ## Description: The mission of PDFBox is the creation and maintenance of software related to Java library for working with PDF documents ## Issues: There are no issues requiring board attention at this time. Some bugs were reported via [email protected] and 2 of them ended up in a CVE. Both were solved in 2.0.23. - CVE-2021-27906 Apache PDFBox: a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file - CVE-2021-27807 Apache PDFBox: a carefully crafted PDF file can trigger an infinite loop while loading the file The credits goes to Fabian Meumertzheim who found this issues when working on OSS-Fuzz ## Membership Data: Apache PDFBox was founded 2009-10-21 (11 years ago) There are currently 21 committers and 21 PMC members in this project. The Committer-to-PMC ratio is 1:1. Community changes, past quarter: - No new PMC members. Last addition was Matthäus Mayer on 2017-10-16. - No new committers. Last addition was Joerg O. Henne on 2017-10-09. ## Project Activity: Recent releases: 2.0.23 was released on 2021-03-18. 2.0.22 was released on 2020-12-19. 2.0.21 was released on 2020-08-20. ## Community Health: - there is a steady stream of contributions, bug reports and questions on the mailing lists - there are a lot of refactorings, improvements and bugfixes - the first alpha version of the upcoming new major release 3.0.0 was released - some of the downstream projects already started to integrate the new release into their codebases. The feedback is positive so far. </draft> Andreas [1] https://reporter.apache.org/wizard/?pdfbox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
