![]() ![]() ![]() Note that if you use some of the older Java versions (Java 1.5-1.8) you might need to update the bouncy castle dependency to a different specific distribution. This was disclosed in CVE-2020-28052, see the link for more details. The Bouncy Castle Crypto API for Java has also been updated to version 1.67 due to a flaw in the OpenBSDBCrypt.checkPassword() method present in 1.65 and 1.66. In addition, we have updated the Apache XML Security for Java (:xmlsec) dependency to version 1.5.8 from version 1.5.6. While iText 5 is now EOL, we want to make sure that our users who have developed their solutions using iText 5 can safely continue using it.įor this particular release, we’ve backported a security bug fix from iText 7.2.0 and 7.1.17 to resolve a vulnerability that allowed the use of GhostScript in an unpredictable manner. Since the release of iText 5.5.13 the iText 5 product line has transitioned to be in maintenance mode, meaning it only receives security related releases. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |