Jacques Le Roux created OFBIZ-12205: ---------------------------------------
Summary: Upgrade Apache PDFBox to 2.0.23 because of CVE-2021-27807 and CVE-2021-27906 Key: OFBIZ-12205 URL: https://issues.apache.org/jira/browse/OFBIZ-12205 Project: OFBiz Issue Type: Bug Components: Gradle Affects Versions: Trunk Reporter: Jacques Le Roux Assignee: Jacques Le Roux Currently we don't declare any dependency on PDFBox. I guess because it's used as a 3rd party by another lib. Fortunately it's easily done. -- This message was sent by Atlassian Jira (v8.3.4#803005)