Opened 4 months ago

Closed 4 months ago

#14805 closed enhancement (fixed)

pdfbox-2.0.23 and fontbox-2.0.23 (CVE-2021-27807 CVE-2021-27906)

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: elevated Milestone: 10.2
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description (last modified by Douglas R. Reno)

New point versions of supplemental JARs for fop.

Security information:

CVE-2021-27807

[oss-security] CVE-2021-27807: Apache PDFBox: A carefully crafted PDF file can trigger an infinite loop while loading the file.

Description:

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox Apache PDFBox version 2.0.22 and prior 2.0.x versions.

Credit:

Apache PDFBox would like to thank Fabian Meumertzheim for reporting this issue

CVE-2021-27906

[oss-security] CVE-2021-27906: Apache PDFBox: A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file


Description:

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox Apache PDFBox version 2.0.22 and prior 2.0.x versions.

This issue is being tracked as PDFBOX-5112

Credit:

Apache PDFBox would like to thank Fabian Meumertzheim for reporting this issue

Change History (5)

comment:1 by Douglas R. Reno, 4 months ago

Priority: normalelevated

The new JARs have been released:

Release Notes -- Apache PDFBox -- Version 2.0.23

Introduction
------------

The Apache PDFBox library is an open source Java tool for working with PDF documents.

This is an incremental bugfix release based on the earlier 2.0.23 release. It contains
a couple of fixes and small improvements.

For more details on these changes and all the other fixes and improvements
included in this release, please refer to the following issues on the
PDFBox issue tracker at https://issues.apache.org/jira/browse/PDFBOX.

Bug

[PDFBOX-3000] - Transparency Group issues
[PDFBOX-4398] - getLastSignatureDictionary modifies internal structure of PDDocument
[PDFBOX-5050] - NullPointerexception in AcroFormOrphanWidgetsProcessor.resolveNonRootField()
[PDFBOX-5060] - AcroForm PDTextField formatting lost when setting value
[PDFBOX-5063] - testCreateCheckBox fails on travis / github
[PDFBOX-5072] - java.lang.IndexOutOfBoundsException
[PDFBOX-5078] - Failure to modify cropBox when splitting a PDF Page vertically into 2 pieces
[PDFBOX-5080] - Type1Parser.parseASCII throws inconsistent exceptions
[PDFBOX-5081] - CFFParser.ByteSource.readRealNumber can better throw IOException
[PDFBOX-5090] - Missing text extraction under certain conditions starting with apache pdfbox 2.0.18
[PDFBOX-5091] - Performance issue when converting PDF to image after upgrading from PDFBox 2.0.20 to 2.0.21
[PDFBOX-5094] - Wrong glyph when rendering a symbolic TTF font with WinANSIEncoding
[PDFBOX-5100] - Sometimes unneeded message "Removed /IDTree from /Names dictionary, doesn't belong there"
[PDFBOX-5104] - ArrayIndexOutOfBoundsException in isOwnerPassword
[PDFBOX-5105] - IllegalArgumentException in computeEncryptedKeyRev56
[PDFBOX-5106] - IllegalArgumentException in PDFObjectStreamParser.privateReadObjectNumbers
[PDFBOX-5107] - ClassCastException in COSStream.getFilterList
[PDFBOX-5108] - ArrayIndexOutOfBoundsException in PDFXrefStreamParser.parseValue
[PDFBOX-5115] - U+00AD ('sfthyphen') is not available in this font Times-Roman encoding: WinAnsiEncoding
[PDFBOX-5123] - OS2WindowsMetricsTable "version" variable confused with OpenType specification version
[PDFBOX-5124] - Improperly declared OS2WindowsMetricsTable version (v0 table declard as v3) in embedded font stops parsing with EOFException

Improvement

[PDFBOX-3017] - Improve document signing
[PDFBOX-5055] - Minor improvement
[PDFBOX-5103] - Allow reuse of subsetted fonts by inverting the ToUnicode CMap
[PDFBOX-5110] - improve performance in signature validation
[PDFBOX-5112] - Add more checks to PDFXrefStreamParser and reduce memory footprint
[PDFBOX-5116] - Add rotated box to ShowColorBoxes.java example
[PDFBOX-5121] - Use StringBuilder for key in PDDeviceN.toRGBWithTintTransform()
[PDFBOX-5122] - Don't use RGB loop in PDDeviceN.toRGBWithTintTransform()

Task

[PDFBOX-5045] - testFlattenOpenOfficeForm() has differences
[PDFBOX-5057] - Review CCITTFaxDecoder updates

Release Contents
----------------

This release consists of a single source archive packaged as a zip file.
The archive can be unpacked with the jar tool from your JDK installation.
See the README.txt file for instructions on how to build this release.

The source archive is accompanied by a SHA512 checksum and a PGP signature
that you can use to verify the authenticity of your download.
The public key used for the PGP signature can be found at
https://www.apache.org/dist/pdfbox/KEYS.

comment:2 by Douglas R. Reno, 4 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:3 by Douglas R. Reno, 4 months ago

Description: modified (diff)

Remove extraneous '7' from the description

comment:4 by Douglas R. Reno, 4 months ago

In order to test this, I've made the LFS book by running "make pdf". Everything seems to be sane over there, so I'll proceed with getting MD5SUMS and sizes and then moving onto my next ticket :)

comment:5 by Douglas R. Reno, 4 months ago

Resolution: fixed
Status: assignedclosed

Fixed at r24399

Note: See TracTickets for help on using tickets.