You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "Tilman Hausherr (JIRA)" <ji...@apache.org> on 2017/07/11 15:14:00 UTC
[jira] [Created] (PDFBOX-3865) Add OWASP dependency-check to build
Tilman Hausherr created PDFBOX-3865:
---------------------------------------
Summary: Add OWASP dependency-check to build
Key: PDFBOX-3865
URL: https://issues.apache.org/jira/browse/PDFBOX-3865
Project: PDFBox
Issue Type: Task
Affects Versions: 2.0.6, 3.0.0
Reporter: Tilman Hausherr
Assignee: Tilman Hausherr
Fix For: 2.0.7, 3.0.0
https://github.com/jeremylong/dependency-check-gradle#current-release
checks the build against known security issues. I tried it with a project that linked pdfbox 2.0.0 (has XXE vulnerability) and yes, the build stopped.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org