[SECURITY] Fedora 32 Update: pdfbox-2.0.23-1.fc32

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-dc83ae690a 2021-03-30 14:30:22.203453 -------------------------------------------------------------------------------- Name : pdfbox Product : Fedora 32 Version : 2.0.23 Release : 1.fc32 URL : http://pdfbox.apache.org/ Summary : Apache PDFBox library for working with PDF documents Description : Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is published under the Apache License v2.0. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2021-27807 and CVE-2021-27906 -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 19 2021 Fedora Release Monitoring <release-monitoring(a)fedoraproject.org&gt; - 2.0.23-1 - Update to 2.0.23 (#1940796) * Tue Jan 26 2021 S��rgio Basto <sergio(a)serjux.com&gt; - 2.0.22-1 - Update to 2.0.22 (#1909499) - Bouncycastle 1.67 patch is already upstreamed * Tue Jan 26 2021 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 2.0.21-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Mon Jan 25 2021 S��rgio Basto <sergio(a)serjux.com&gt; - 2.0.21-3 - Add bouncycastle 1.67 support (from daviddavid) * Thu Sep 10 2020 Fabio Valentini <decathorpe(a)gmail.com&gt; - 2.0.21-2 - Drop log4j12 dependency, it seems to not be necessary any longer. * Wed Aug 26 2020 S��rgio Basto <sergio(a)serjux.com&gt; - 2.0.21-1 - Fix build on F33 - Update pdfbox to 2.0.21 (#1871001) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1941050 - CVE-2021-27906 pdfbox: OutOfMemory-Exception while loading a crafted PDF file https://bugzilla.redhat.com/show_bug.cgi?id=1941050 [ 2 ] Bug #1941055 - CVE-2021-27807 pdfbox: infinite loop while loading a crafted PDF file https://bugzilla.redhat.com/show_bug.cgi?id=1941055 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-dc83ae690a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------