Opened 3 months ago

Closed 3 months ago

Last modified 6 weeks ago

#15176 closed enhancement (fixed)

PDFBOX (used by fop) 2.0.24

Reported by: ken@… Owned by: Douglas R. Reno
Priority: elevated Milestone: 11.0
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

From the oss-security list: Description:

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

This issue is being tracked as PDFBOX-5177

Mitigation:

This issue was fixed in 2.0.24. All users are recommended to upgrade to Apache PDFBox 2.0.24

Credit:

Apache PDFBox would like to thank Chaoyuan Peng for reporting this issue

References: https://lists.apache.org/thread.html/ra2ab0ce69ce8aaff0773b8c1036438387ce004c2afc6f066626e205e%40%3Cusers.pdfbox.apache.org%3E

That shows it is CVE-2021-31812

Although we do not list pdfbox in our index, 2.0.23 is a required download on the fop page.

Change History (6)

comment:1 by Douglas R. Reno, 3 months ago

CVE-2021-31812 is for an infinite loop. CVE-2021-31811 is for the OutOfMemory exception

comment:2 by Douglas R. Reno, 3 months ago

CVE-2021-31812

Description:

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

Mitigation:

This issue was fixed in 2.0.24. All users are recommended to upgrade to Apache PDFBox 2.0.24

Credit:

Apache PDFBox would like to thank Chaoyuan Peng for reporting this issue

References:
https://lists.apache.org/thread.html/ra2ab0ce69ce8aaff0773b8c1036438387ce004c2afc6f066626e205e%40%3Cusers.pdfbox.apache.org%3E 

CVE-2021-31811

Description:

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

This issue is being tracked as PDFBOX-5177

Mitigation:

This issue was fixed in 2.0.24. All users are recommended to upgrade to Apache PDFBox 2.0.24

Credit:

Apache PDFBox would like to thank Chaoyuan Peng for reporting this issue

References:
https://lists.apache.org/thread.html/re3bd16f0cc8f1fbda46b06a4b8241cd417f71402809baa81548fc20e%40%3Cusers.pdfbox.apache.org%3E 

comment:3 by Douglas R. Reno, 3 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:4 by Douglas R. Reno, 3 months ago

Release Notes -- Apache PDFBox -- Version 2.0.24

Introduction
------------

The Apache PDFBox library is an open source Java tool for working with PDF documents.

This is an incremental bugfix release based on the earlier 2.0.23 release. It contains
a couple of fixes and small improvements.

For more details on these changes and all the other fixes and improvements
included in this release, please refer to the following issues on the
PDFBox issue tracker at https://issues.apache.org/jira/browse/PDFBOX.

Bug

[PDFBOX-5051] - Slow rendering for specific PDF file
[PDFBOX-5134] - Very slow rendering on PageDrawer.shadingFill
[PDFBOX-5135] - Glyphs missed in rendering
[PDFBOX-5137] - Wrong classification of an JPEG image leading to a blank image added to a pdf document
[PDFBOX-5138] - Embedded files not extracted from PDF files with multilevel EmbeddedFiles tree
[PDFBOX-5150] - 3.0.0-RC1: PDComboBox.setValue() throws IllegalArgumentException: /DA is a required entry
[PDFBOX-5151] - Issue with COSObjectKey::fixGeneration
[PDFBOX-5155] - Error extracting text from PDF - Can't read the embedded Type1 font FDFBJU+NewsGothic
[PDFBOX-5156] - Error in identification of PDF comment symbol % as a token separator with PDF names
[PDFBOX-5163] - Stack overflow when reading a corrupt dictionary
[PDFBOX-5168] - dash pattern [0] should be invisible
[PDFBOX-5175] - Behaviour change in 2.0.20 due to use of IOUtils.populateBuffer in SecurityHandler.prepareAESInitializationVector leading to IOException for certain PDF
[PDFBOX-5176] - java.io.IOException: Page tree root must be a dictionary
[PDFBOX-5180] - Snapshot Deploy not working
[PDFBOX-5187] - TSAClient with username+password
[PDFBOX-5188] - COSOutputStream.flush doesn't call super
[PDFBOX-5190] - BaseParser: stack overflow when reading a corrupt pdf
[PDFBOX-5191] - isEmbeddingPermitted() is too restrictive on TTFs with OS2 table versions 0-2
[PDFBOX-5192] - Wild rendering when repeating truetype glyph flag is outside of range
[PDFBOX-5193] - v2.0.22 and v3.0.0-RC1 PDF Debugger app crashes with java.lang.NullPointerException
[PDFBOX-5194] - CreateCheckBox example draws too large, clipped checkmark
[PDFBOX-5196] - Wrong color space detected for some Jpeg images
[PDFBOX-5199] - Possible memory leak after calling decode filter
[PDFBOX-5204] - Ink annotation not rendered

Improvement

[PDFBOX-5093] - Pass PDFRenderer to PDFPrintable constructor
[PDFBOX-5141] - Create tests for HelloWorld examples
[PDFBOX-5145] - Faster PDImageXObject.applyMask
[PDFBOX-5154] - Custom folder for fonts in FontMapper
[PDFBOX-5157] - allow to make timestamp only signature "LTV"
[PDFBOX-5164] - Create portable collection PDF
[PDFBOX-5177] - Optimize memory footprint of PDFObjectStreamParser
[PDFBOX-5183] - Add getter/setter for suppressDuplicateOverlappingText in PDFMarkedContentExtractor
[PDFBOX-5200] - Cache PageTree in PDFPrintable
[PDFBOX-5201] - Add Adobe Illustrator COSNames
[PDFBOX-5208] - Make constructors of CIDSystemInfo and PDPanoseClassification public

Wish

[PDFBOX-5198] - When merging multiple pdf ua documents, Tags become nested

Task

[PDFBOX-5133] - Failing testFlattenPDFBox2469Filled on Ubuntu
[PDFBOX-5184] - Add test for PDFMarkedContentExtractor class
[PDFBOX-5186] - Create test for CreateGradientShadingPDF

comment:5 by Douglas R. Reno, 3 months ago

Resolution: fixed
Status: assignedclosed

Fixed at e3b75e1853dd78789378a88863205b76f931984a

Security Advisory added as well

comment:6 by Bruce Dubbs, 6 weeks ago

Milestone: 10.211.0

Milestone renamed

Note: See TracTickets for help on using tickets.