Fix for CVE-2017-9096 iText XML External Entity Vulnerability #56

albfernandez · 2017-11-14T18:14:16Z

No description provided.

tlxtellef

The EntityResolver implementation should be its own class as it is currently defined trice with the same content.

ghost · 2017-11-16T12:12:05Z

http://seclists.org/bugtraq/2017/Nov/20

We can do the minor cleanup after merging.

Fix for CVE-2017-9096 iText XML External Entity Vulnerability

aa4ac5f

tlxtellef self-requested a review November 16, 2017 11:21

tlxtellef previously requested changes Nov 16, 2017

View reviewed changes

asturio self-requested a review November 16, 2017 14:41

tlxtellef merged commit 672c137 into LibrePDF:master Nov 16, 2017

tlxtellef added the bug label Nov 16, 2017

tlxtellef added this to the 1.0.5 milestone Nov 16, 2017

ghost mentioned this pull request Jan 8, 2018

Update dependency to flying-saucer-pdf-openpdf version 9.1.11 alkacon/opencms-core#558

Closed

spring-projects-issues mentioned this pull request Jan 11, 2019

Replace iText 2.1.7 dependency with OpenPDF 1.0.5 [SPR-16352] spring-projects/spring-framework#20899

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix for CVE-2017-9096 iText XML External Entity Vulnerability #56

Fix for CVE-2017-9096 iText XML External Entity Vulnerability #56

albfernandez commented Nov 14, 2017

tlxtellef left a comment

ghost commented Nov 16, 2017

Fix for CVE-2017-9096 iText XML External Entity Vulnerability #56

Fix for CVE-2017-9096 iText XML External Entity Vulnerability #56

Conversation

albfernandez commented Nov 14, 2017

tlxtellef left a comment

Choose a reason for hiding this comment

ghost commented Nov 16, 2017