pdfbox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From le...@apache.org
Subject pdfbox-docs git commit: Site checkin for project Apache PDFBox Website
Date Tue, 07 Jun 2016 17:02:21 GMT
Repository: pdfbox-docs
Updated Branches:
  refs/heads/asf-site 1a6a784f8 -> d83e97575


Site checkin for project Apache PDFBox Website


Project: http://git-wip-us.apache.org/repos/asf/pdfbox-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/pdfbox-docs/commit/d83e9757
Tree: http://git-wip-us.apache.org/repos/asf/pdfbox-docs/tree/d83e9757
Diff: http://git-wip-us.apache.org/repos/asf/pdfbox-docs/diff/d83e9757

Branch: refs/heads/asf-site
Commit: d83e9757574c72103ec29a182b25ee73f579714a
Parents: 1a6a784
Author: Andreas Lehmkühler <andreas@lehmi.de>
Authored: Tue Jun 7 19:02:19 2016 +0200
Committer: Andreas Lehmkühler <andreas@lehmi.de>
Committed: Tue Jun 7 19:02:19 2016 +0200

----------------------------------------------------------------------
 content/index.html                         |  28 ++--
 content/news/2016/05/27/CVE-2016-2175.html | 200 ++++++++++++++++++++++++
 2 files changed, 214 insertions(+), 14 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/pdfbox-docs/blob/d83e9757/content/index.html
----------------------------------------------------------------------
diff --git a/content/index.html b/content/index.html
index 224f6cd..32c4ad8 100644
--- a/content/index.html
+++ b/content/index.html
@@ -139,13 +139,14 @@
     Apache PDFBox also includes several command line utilities.
     Apache PDFBox is published under the Apache License v2.0.</p>
 
-<h2>Apache PDFBox 1.8.12 and 2.0.1 released (2016-04-26)</h2>
-<p>The Apache PDFBox community is pleased to announce the release of
-Apache PDFBox version 1.8.12 and 2.0.1. They are available for download at:</p>
+<h2>CVE-2016-2175 XML External Entity vulnerability (2016-05-27)</h2>
+<p>Due to a XML External Entity vulnerability we strongly recommend to update to the
most recent version of Apache PDFBox.</p>
 
-<p><a href="http://pdfbox.apache.org/download.cgi">http://pdfbox.apache.org/download.cgi</a></p>
+<p><strong>Versions Affected:</strong>
+Apache PDFBox 1.8.0 to 1.8.11 and 2.0.0. Earlier, unsupported versions may be affected as
well.</p>
 
-<p>See the full release notes <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12334652">1.8.12</a>
and <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12335342">2.0.1</a>
for details about this release.</p>
+<p><strong>Mitigation:</strong>
+Upgrade to Apache PDFBox 1.8.12 respectively 2.0.1</p>
 
 <h2 id="getting-help">Getting Help</h2>
 
@@ -198,6 +199,14 @@ skills. Subscribe to the <a href="/mailinglists.html">Mailing Lists</a>
and find
 
 <h2 id="news">News</h2>
 
+<h3>Apache PDFBox 1.8.12 and 2.0.1 released (2016-04-26) </h3>
+<p>The Apache PDFBox community is pleased to announce the release of
+Apache PDFBox version 1.8.12 and 2.0.1. They are available for download at:</p>
+
+<p><a href="http://pdfbox.apache.org/download.cgi">http://pdfbox.apache.org/download.cgi</a></p>
+
+<p>See the full release notes <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12334652">1.8.12</a>
and <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12335342">2.0.1</a>
for details about this release.</p>
+
 <h3>Apache PDFBox 2.0.0 released (2016-03-18) </h3>
 <p>After more than 3 years of development the Apache PDFBox community is pleased to

 announce the release of Apache PDFBox version 2.0.0. It is available for download at:</p>
@@ -245,15 +254,6 @@ release hopefully could be the final one.</p>
 
 <p>See the <a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760&amp;version=12319281">full
release notes</a> for details about this release.</p>
 
-<h3>Apache PDFBox 2.0.0 RC1 released (2015-10-19) </h3>
-<p>With the initial discussions starting 3 years ago PDFBox 2.0.0 is in the works for
-quite some time now - <strong>and we are in the final stages!</strong> To give
you the opportunity
-to provide feedback a <a href="http://pdfbox.apache.org/download.cgi">PDFBox 2.0.0-RC1
Release Candidate</a>
-is now available.</p>
-
-<p>The <a href="http://pdfbox.apache.org/2.0/migration.html">Migration Guide</a>
shall give users coming from
-PDFBox 1.8 or earlier an overview about things to look at when switching over. More details
to come.</p>
-
 
             </div>
         </div>

http://git-wip-us.apache.org/repos/asf/pdfbox-docs/blob/d83e9757/content/news/2016/05/27/CVE-2016-2175.html
----------------------------------------------------------------------
diff --git a/content/news/2016/05/27/CVE-2016-2175.html b/content/news/2016/05/27/CVE-2016-2175.html
new file mode 100644
index 0000000..b01bf75
--- /dev/null
+++ b/content/news/2016/05/27/CVE-2016-2175.html
@@ -0,0 +1,200 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<!--
+     
+     Licensed to the Apache Software Foundation (ASF) under one or more
+     contributor license agreements.  See the NOTICE file distributed with
+     this work for additional information regarding copyright ownership.
+     The ASF licenses this file to You under the Apache License, Version 2.0
+     (the "License"); you may not use this file except in compliance with
+     the License.  You may obtain a copy of the License at
+     
+     http://www.apache.org/licenses/LICENSE- 2.0
+     
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+     -->
+
+<head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="description" content="The Apache PDFBox™ library is an open source Java
tool for working with PDF documents. This project allows creation of new PDF documents, manipulation
of existing documents and the ability to extract content from documents. Apache PDFBox also
includes several command line utilities. Apache PDFBox is published under the Apache License
v2.0.
+">
+
+    <title>Apache PDFBox | CVE-2016-2175 XML External Entity vulnerability</title>
+
+    <link href="/bootstrap/css/bootstrap.min.css" rel="stylesheet">
+    <link href="/css/pygments-github.css" rel="stylesheet">
+    
+    <link href="/css/site.css" rel="stylesheet">
+    
+    
+    
+     
+    
+    
+
+</head>
+
+<body>
+    <nav class="navbar navbar-default navbar-top">
+      <div class="container">
+        <div class="navbar-header">
+          <a href="/index.html">
+            <img class="logo" src="/images/logo-head.gif">
+          </a>
+          <p class="pull-right visible-xs">
+            <button type="button" class="btn btn-primary btn-sm" data-toggle="offcanvas">Menu</button>
+          </p>
+        </div>
+      </div>
+    </nav>
+    
+    <div class="container">
+        
+        <div class="row row-offcanvas row-offcanvas-left">
+            <div class="col-xs-6 col-sm-3 sidebar-offcanvas" id="sidebar">
+                
+                <ul class="sidebar">
+                    <li class="sidebar-header">Apache PDFBox</li>
+                    <li><a href="/index.html">Overview</a></li>
+                    <li><a href="/download.cgi">Downloads</a></li>
+                    
+                    <li class="sidebar-header">Community</li>
+                    <li><a href="/support.html">Support</a></li>
+                    <li><a href="/mailinglists.html">Mailing Lists</a></li>
+                    <li><a href="/team.html">Project Team</a></li>
+                    
+                    <li class="sidebar-header">Documentation</li>
+                    <li class="sidebar-node" id="v2-0">
+                        <a href="#">2.0</a>
+                        <ul>
+                            <li><a href="/2.0/migration.html">Migration Guide</a></li>
+                            <li><a href="/2.0/getting-started.html">Getting Started</a></li>
+                            <li><a href="/2.0/examples.html">Examples</a></li>
+                            <li><a href="/2.0/dependencies.html">Dependencies</a></li>
+                            <li class="sidebar-node" id="v2-0-cookbook">
+                                <a href="#">Cookbook</a>
+                                <ul>
+                                    <li><a href="/2.0/cookbook/encryption.html">Document
Encryption</a></li>
+                                </ul>
+                            </li>
+                            <li><a href="/2.0/commandline.html">Command Line
Tools</a></li>
+                            <li><a href="/docs/2.0.1/javadocs/">API Docs</a></li>
+                        </ul>
+                    </li>
+                    <li class="sidebar-node" id="v1-8">
+                        <a href="#">1.8</a>
+                        <ul>
+                            <li><a href="/1.8/architecture.html">Architecture</a></li>
+                            <li><a href="/1.8/dependencies.html">Dependencies</a></li>
+                            <li class="sidebar-node" id="v1-8-cookbook">
+                                <a href="#">Cookbook</a>
+                                <ul>
+                                    <li><a href="/1.8/cookbook/documentcreation.html">Document
Creation</a></li>
+                                    <li><a href="/1.8/cookbook/textextraction.html">Text
Extraction</a></li>
+                                    <li><a href="/1.8/cookbook/encryption.html">Document
Encryption</a></li>
+                                    <li><a href="/1.8/cookbook/workingwithfonts.html">Working
with Fonts</a></li>
+                                    <li><a href="/1.8/cookbook/workingwithmetadata.html">Working
with Metadata</a></li>
+                                    <li><a href="/1.8/cookbook/workingwithattachments.html">Working
with Attachments</a></li>
+                                    <li><a href="/1.8/cookbook/pdfavalidation.html">PDF/A
Validation</a></li>
+                                    <li><a href="/1.8/cookbook/pdfacreation.html">Creating
a PDF/A document</a></li>
+                                </ul>
+                            </li>
+                            <li><a href="/1.8/commandline.html">Command Line
Tools</a></li>
+                            <li><a href="/docs/1.8.12/javadocs/">API Docs</a></li>
+                            <li><a href="/1.8/faq.html">FAQ</a></li>
+                        </ul>
+                    </li>
+                    
+                    <li class="sidebar-header">Development</li>
+                    <li><a href="/building.html">Building from Source</a></li>
+                    <li><a href="/codingconventions.html">Coding Conventions</a></li>
+                    <li><a href="/siteupdate.html">Update the Website</a></li>
 
+                    <li><a href="https://builds.apache.org/view/All/job/PDFBox-trunk/">Jenkins</a></li>
+                    <li><a href="https://travis-ci.org/apache/pdfbox">Travis
CI</a></li>
+                    <li><a href="https://analysis.apache.org/dashboard/index/org.apache.pdfbox:pdfbox-reactor">SonarQube</a></li>
+                    <li><a href="https://issues.apache.org/jira/browse/PDFBOX">JIRA</a></li>
+                    <li><a href="/ideas.html">Ideas</a></li>
+                    <li><a href="/references.html">External Links</a></li>
+
+                    <li class="sidebar-header">Apache Software Foundation</li>
+                    <li><a href="http://www.apache.org/">Apache Software Foundation</a></li>
+                    <li><a href="http://www.apache.org/foundation/thanks.html">ASF
Sponsors</a></li>
+                    <li><a href="http://www.apache.org/security/">Security</a></li>
+                </ul>
+            </div>
+            <div class="col-xs-12 col-sm-9">
+                <p>Due to a XML External Entity vulnerability we strongly recommend
to update to the most recent version of Apache PDFBox.</p>
+
+<p><strong>Versions Affected:</strong>
+Apache PDFBox 1.8.0 to 1.8.11 and 2.0.0. Earlier, unsupported versions may be affected as
well.</p>
+
+<p><strong>Mitigation:</strong>
+Upgrade to Apache PDFBox 1.8.12 respectively 2.0.1</p>
+
+            </div>
+        </div>
+    </div>
+
+    <footer class="footer">
+        <div class="container">
+            <div class="row">
+                <div class="span3">
+                    <!-- nothing in here on purpose -->
+                </div>
+                <div class="span9">
+                    <p>Copyright © 2009&ndash;2015 <a href="http://www.apache.org/">The
Apache Software Foundation</a>, Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
License, Version 2.0</a>.
+                        <br/>Apache PDFBox, PDFBox, Apache, the Apache feather logo
and the Apache PDFBox project logos are trademarks of The Apache Software Foundation.</p>
+                </div>
+            </div>
+        </div>
+    </footer>
+
+        <!-- Twitter Bootstrap and jQuery after this line. -->
+    <script src="//code.jquery.com/jquery-latest.js"></script>
+    <script src="/bootstrap/js/bootstrap.min.js"></script>
+    <script type="text/javascript">
+        
+        $(document).ready(function () {
+                $('[data-toggle="offcanvas"]').click(function () {
+                $('.row-offcanvas').toggleClass('active')
+            });
+        });
+        
+        $(function() {
+            // collapse tree nodes dynamically to support noscript
+            $('.sidebar-node').addClass('collapsed');
+            
+
+            // toggle expand/collapse
+            $('.sidebar-node > a').click(function(e) {
+                $(this).parent().toggleClass('collapsed');
+                e.preventDefault();
+            });
+
+            // preserve expand/collapse across page navigation
+            var path = document.location.pathname;
+            if (path.indexOf('/1.8') == 0) {
+                $('#v1-8').removeClass('collapsed');
+                if (path.indexOf('/1.8/cookbook') == 0) {
+                    $('#v1-8-cookbook').removeClass('collapsed');
+                }
+            } else {
+                $('#v2-0').removeClass('collapsed');
+                if (path.indexOf('/2.0/cookbook') == 0) {
+                    $('#v2-0-cookbook').removeClass('collapsed');
+                }
+            }
+
+        });
+    </script>
+
+</body>
+
+</html>
\ No newline at end of file


Mime
View raw message