Am 14.04.21 um 19:30 schrieb Tilman Hausherr:
+1
You could mention that there is a instructer at Wright State University who uses
PDFBox in his class as starting point
https://github.com/erikbuck/pdfbox/blob/patch-1/SRS%20(Requirements%20Document)
https://github.com/erikbuck/pdfbox/blob/patch-1/Software%20Design%20Document
Thanks, good point, I've added that detail to the report
Andreas
Tilman
Am 14.04.2021 um 08:29 schrieb Andreas Lehmkuehler:
Hi,
find attached a quick draft of the board report we're expected to submit this
month. It's based upon the report wizard template which can be found at [1]
Any comments or additions are appreciated ...
<draft>
## Description:
The mission of PDFBox is the creation and maintenance of software related to
Java library for working with PDF documents
## Issues:
There are no issues requiring board attention at this time.
Some bugs were reported via [email protected] and 2 of them ended up in a
CVE. Both were solved in 2.0.23.
- CVE-2021-27906 Apache PDFBox: a carefully crafted PDF file can trigger an
OutOfMemory-Exception while loading the file
- CVE-2021-27807 Apache PDFBox: a carefully crafted PDF file can trigger an
infinite loop while loading the file
The credits goes to Fabian Meumertzheim who found this issues when working on
OSS-Fuzz
## Membership Data:
Apache PDFBox was founded 2009-10-21 (11 years ago)
There are currently 21 committers and 21 PMC members in this project.
The Committer-to-PMC ratio is 1:1.
Community changes, past quarter:
- No new PMC members. Last addition was Matthäus Mayer on 2017-10-16.
- No new committers. Last addition was Joerg O. Henne on 2017-10-09.
## Project Activity:
Recent releases:
2.0.23 was released on 2021-03-18.
2.0.22 was released on 2020-12-19.
2.0.21 was released on 2020-08-20.
## Community Health:
- there is a steady stream of contributions, bug reports and questions on the
mailing lists
- there are a lot of refactorings, improvements and bugfixes
- the first alpha version of the upcoming new major release 3.0.0 was released
- some of the downstream projects already started to integrate the new release
into their codebases. The feedback is positive so far.
</draft>
Andreas
[1] https://reporter.apache.org/wizard/?pdfbox
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
