The Apache PDFBox community is pleased to announce the release of
Apache PDFBox JBIG2 ImageIO plugin version 3.0.3. The release is
available for download at:
http://pdfbox.apache.org/download.cgi
See the full release notes below for details about this release.
Release Notes -- Apache JBIG2
CVE-2019-17571: Deserialization of untrusted data in SocketServer
Severity: Critical
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/RL:W
Product:
Apache Log4j
Versions Affected:
Apache Log4j up to and including 1.2.27. Separately fixed by
CVE-2017-5645 in Log4j 2.8.2.
Problem type:
CWE-502:
