Hello all, what do you think about Dominik Seichter's suggestion [1] to extract PdfRecursionGuard to its own file then to fix recursion issues in other places, namely CVE-2018-8002 [2] (I'm of the opinion that fixing a CVE should take some precedence over supporting everything that's, at least theoretically, permissible according to the PDF spec) and issue 25 [3] (in a PdfOutlineItem constructor)?
Especially @Committers: If you're OK with it, I'd do both changes (extracting & then using it to do CVE fixes, without changing the settings, I can only test with Linux). Best regards, mabri [1] https://sourceforge.net/p/podofo/tickets/7/#acda [2] https://sourceforge.net/p/podofo/tickets/15 [3] https://sourceforge.net/p/podofo/tickets/25 _______________________________________________ Podofo-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/podofo-users
