libpdfbox-java - Debian Package Tracker

general

source: libpdfbox-java (main)
version: 1:1.8.16-2
maintainer: Debian Java Maintainers (archive) (DMD)
uploaders: Emmanuel Bourg [DMD] – gregor herrmann [DMD] – tony mancill [DMD]
arch: all
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1:1.8.12-1
oldstable: 1:1.8.16-2
stable: 1:1.8.16-2
testing: 1:1.8.16-2
unstable: 1:1.8.16-2

versioned links

1:1.8.12-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:1.8.16-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libfontbox-java
libfontbox-java-doc
libjempbox-java
libjempbox-java-doc
libpdfbox-java (1 bugs: 0, 1, 0, 0)
libpdfbox-java-doc

action needed

A new upstream version is available: 2.0.27 high

A new upstream version 2.0.27 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2022-12-03 01:32

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2021-31811: In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812: In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

Created: 2022-07-04 Last update: 2022-08-01 13:40

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2021-31811: In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812: In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

Created: 2022-07-04 Last update: 2022-08-01 13:40

Multiarch hinter reports 5 issue(s) normal

There are issues with the multiarch metadata for this package.

libfontbox-java could be marked Multi-Arch: foreign
libfontbox-java-doc could be marked Multi-Arch: foreign
libjempbox-java could be marked Multi-Arch: foreign
libjempbox-java-doc could be marked Multi-Arch: foreign
libpdfbox-java-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2022-12-03 06:01

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2022-10-24 Last update: 2022-12-03 01:35

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1:1.8.16-3, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 131d4f484b1f95b8b414a8fad390ffaf01e8940b
Author: gregor herrmann <gregoa@debian.org>
Date:   Sun Oct 2 15:13:10 2022 +0200

    update changelog
    
    Gbp-Dch: Ignore

commit ed1084b366ae9601d8552c023576c6d9a519b161
Author: gregor herrmann <gregoa@debian.org>
Date:   Sun Oct 2 14:59:45 2022 +0200

    debian/rules: rename override_dh_auto_{configure,build} to -indep.
    
    We are not building any architecture dependent packages.

commit 249db7051d1cbf44a282725badc3892a65da4de7
Author: gregor herrmann <gregoa@debian.org>
Date:   Sun Oct 2 14:58:50 2022 +0200

    debian/rules: use version of aglfn
    
    instead of lcdf-typetools.
    
    This change was missing in 40c228a.

commit ce122d9fd952ef1bbe704b84ef6ee8cfdf04bb99
Author: gregor herrmann <gregoa@debian.org>
Date:   Sun Oct 2 14:56:01 2022 +0200

    debian/control: move javahelper from Build-Depends-Indep to Build-Depends.
    
    It is used during clean via the javahelper debhelper addon.

commit dedab99b3ae7d506e74f9aa5246fbaaf0fb3807f
Author: gregor herrmann <gregoa@debian.org>
Date:   Fri Aug 20 03:34:58 2021 +0200

    update changelog
    
    Gbp-Dch: Ignore

commit 249b33f2007572107a8ffe049072714c518f7c18
Author: gregor herrmann <gregoa@debian.org>
Date:   Fri Aug 20 03:34:58 2021 +0200

    Remove myself from Uploaders.

Created: 2021-08-20 Last update: 2022-11-30 20:32

lintian reports 6 warnings normal

Lintian reports 6 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-01-01 Last update: 2022-07-30 12:14

2 low-priority security issues in bullseye low

There are 2 open security issues in bullseye.

2 issues left for the package maintainer to handle:

CVE-2021-31811: (needs triaging) In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
CVE-2021-31812: (needs triaging) In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

You can find information about how to handle these issues in the security team's documentation.

Created: 2022-07-04 Last update: 2022-08-01 13:40

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.3.0).

Created: 2019-07-08 Last update: 2022-05-11 23:25

news

[rss feed]

[2019-03-02] libpdfbox-java 1:1.8.16-2 MIGRATED to testing (Debian testing watch)
[2019-02-19] Accepted libpdfbox-java 1:1.8.16-2 (source) into unstable (gregor herrmann)
[2018-10-16] Accepted libpdfbox-java 1:1.8.7+dfsg-1+deb8u2 (source all) into oldstable (Chris Lamb)
[2018-10-12] libpdfbox-java 1:1.8.16-1 MIGRATED to testing (Debian testing watch)
[2018-10-06] Accepted libpdfbox-java 1:1.8.16-1 (source) into unstable (Markus Koschany)
[2018-07-06] libpdfbox-java 1:1.8.15-1 MIGRATED to testing (Debian testing watch)
[2018-06-30] Accepted libpdfbox-java 1:1.8.15-1 (source) into unstable (Markus Koschany)
[2018-01-27] libpdfbox-java 1:1.8.13-2 MIGRATED to testing (Debian testing watch)
[2018-01-22] Accepted libpdfbox-java 1:1.8.13-2 (source all) into unstable (tony mancill)
[2017-08-01] libpdfbox-java 1:1.8.13-1 MIGRATED to testing (Debian testing watch)
[2017-07-26] Accepted libpdfbox-java 1:1.8.13-1 (source) into unstable (Markus Koschany)
[2016-06-28] Accepted libpdfbox-java 1:1.8.7+dfsg-1+deb8u1 (source all) into proposed-updates->stable-new, proposed-updates (Emmanuel Bourg)
[2016-06-08] Accepted libpdfbox-java 1:1.7.0+dfsg-4+deb7u1 (source all) into oldstable (signed by: Markus Koschany)
[2016-06-07] libpdfbox-java 1:1.8.12-1 MIGRATED to testing (Debian testing watch)
[2016-06-01] Accepted libpdfbox-java 1:1.8.12-1 (source all) into unstable (Emmanuel Bourg)
[2016-01-29] libpdfbox-java 1:1.8.11+dfsg-1 MIGRATED to testing (Debian testing watch)
[2016-01-23] Accepted libpdfbox-java 1:1.8.11+dfsg-1 (source) into unstable (gregor herrmann)
[2015-12-13] libpdfbox-java 1:1.8.10-2 MIGRATED to testing (Debian testing watch)
[2015-12-08] Accepted libpdfbox-java 1:1.8.10-2 (source all) into unstable (tony mancill)
[2015-11-24] libpdfbox-java 1:1.8.10-1 MIGRATED to testing (Britney)
[2015-11-18] Accepted libpdfbox-java 1:1.8.10-1 (source all) into unstable (Emmanuel Bourg)
[2014-09-25] libpdfbox-java 1:1.8.7+dfsg-1 MIGRATED to testing (Britney)
[2014-09-19] Accepted libpdfbox-java 1:1.8.7+dfsg-1 (source all) into unstable (gregor herrmann)
[2014-06-29] libpdfbox-java 1:1.8.6+dfsg-1 MIGRATED to testing (Debian testing watch)
[2014-06-23] Accepted libpdfbox-java 1:1.8.6+dfsg-1 (source all) (gregor herrmann)
[2014-05-08] libpdfbox-java 1:1.8.5+dfsg-1 MIGRATED to testing (Debian testing watch)
[2014-05-02] Accepted libpdfbox-java 1:1.8.5+dfsg-1 (source all) (gregor herrmann)
[2014-02-12] libpdfbox-java 1:1.8.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2014-02-05] Accepted libpdfbox-java 1:1.8.4+dfsg-1 (source all) (gregor herrmann)
[2013-12-10] libpdfbox-java 1:1.8.3+dfsg-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 2
RC: 0
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 6)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:1.8.16-2
1 bug