From 799b5ffcfcaae279789c4667b5b05cde7b6d52c2 Mon Sep 17 00:00:00 2001 From: Stryhelski Date: Fri, 13 May 2022 16:04:58 +0300 Subject: [PATCH 1/6] Upgrade upgrade org.bouncycastle:bcprov-jdk15to18 from 1.70 to 1.71 DEVSIX-6636 --- pdfa/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pdfa/pom.xml b/pdfa/pom.xml index e6c7d932f..dd95a89cb 100644 --- a/pdfa/pom.xml +++ b/pdfa/pom.xml @@ -80,7 +80,7 @@ org.bouncycastle bcprov-jdk15to18 - 1.70 + 1.71 true From 5ba1ff4add0027cda2642eee3199c1cb4210b505 Mon Sep 17 00:00:00 2001 From: Yulian Gaponenko Date: Mon, 23 May 2022 18:31:29 +0200 Subject: [PATCH 2/6] Upgrade all dependencies to org.bouncycastle:bcprov-jdk15to18 from 1.70 to 1.71 DEVSIX-6698 --- itext/pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/itext/pom.xml b/itext/pom.xml index 1b72f0dce..4ca8467a0 100644 --- a/itext/pom.xml +++ b/itext/pom.xml @@ -75,13 +75,13 @@ org.bouncycastle bcprov-jdk15to18 - 1.70 + 1.71 true org.bouncycastle - bcpkix-jdk15on - 1.70 + bcpkix-jdk15to18 + 1.71 true From 93997e9891e221513a1da066f314bafa675ec2db Mon Sep 17 00:00:00 2001 From: Yulian Gaponenko Date: Mon, 23 May 2022 14:50:00 +0200 Subject: [PATCH 3/6] Switch to java8 for xtra module together with updating to earliest stable version of commons-imaging Change commons-imaging dependency to version 1.0-alpha1 instead of 1.0-SNAPSHOT. DEVSIX-6698 --- xtra/pom.xml | 49 +++++++++++++------------------------------------ 1 file changed, 13 insertions(+), 36 deletions(-) diff --git a/xtra/pom.xml b/xtra/pom.xml index eabebbd22..ea1d905f0 100644 --- a/xtra/pom.xml +++ b/xtra/pom.xml @@ -63,6 +63,9 @@ + + 1.8 UTF-8 -Xmx128m java @@ -80,7 +83,7 @@ org.apache.commons commons-imaging - 1.0-SNAPSHOT + 1.0-alpha1 commons-io @@ -111,6 +114,15 @@ + + org.apache.maven.plugins + maven-compiler-plugin + 3.10.1 + + ${xtra.java.version} + ${xtra.java.version} + + external.atlassian.jgitflow jgitflow-maven-plugin @@ -227,41 +239,6 @@ - - - compileWithLegacyJDK - - - 1.7 - ${env.JAVA7_HOME} - ${java.home}/jre/lib - ${java.libs}/rt.jar${path.separator}${java.libs}/jce.jar - - - - - org.apache.maven.plugins - maven-compiler-plugin - 3.6.1 - - ${java.version} - ${java.version} - - ${java.bootclasspath} - - ${java.version} - true - ${java.home}/bin/javac - - - - - - From fb12ce1c18b07c351f0c2f25713d48dc25e4ddae Mon Sep 17 00:00:00 2001 From: "vitali.prudnikovich" Date: Mon, 21 Nov 2022 14:05:25 +0300 Subject: [PATCH 4/6] Fix DefaultSplitCharacter.isSplitCharacter performance issue DEVSIX-7203 --- .../text/pdf/DefaultSplitCharacter.java | 22 +++++++++---------- .../DefaultSplitCharacterProfilingTest.java | 2 +- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/itext/src/main/java/com/itextpdf/text/pdf/DefaultSplitCharacter.java b/itext/src/main/java/com/itextpdf/text/pdf/DefaultSplitCharacter.java index da4fbf611..bc8c7adbc 100644 --- a/itext/src/main/java/com/itextpdf/text/pdf/DefaultSplitCharacter.java +++ b/itext/src/main/java/com/itextpdf/text/pdf/DefaultSplitCharacter.java @@ -116,8 +116,14 @@ public DefaultSplitCharacter(char[] characters) { * @return true if the character can be used to split a string, false otherwise */ public boolean isSplitCharacter(int start, int current, int end, char[] cc, PdfChunk[] ck) { - char[] ccTmp = checkDatePattern(String.valueOf(cc)); - char c = getCurrentCharacter(current, ccTmp, ck); + char c = getCurrentCharacter(current, cc, ck); + if (c == '-') { + int beginDateidx = Math.max(current - 8, 0); + int dateLength = Math.min(16, cc.length - beginDateidx); + if (containsDate(String.valueOf(cc, beginDateidx, dateLength))) { + return false; + } + } if (characters != null) { for (int i = 0; i < characters.length; i++) { @@ -155,14 +161,8 @@ protected char getCurrentCharacter(int current, char[] cc, PdfChunk[] ck) { return (char) ck[Math.min(current, ck.length - 1)].getUnicodeEquivalent(cc[current]); } - private char[] checkDatePattern(String data) { - if (data.contains("-")) { - Matcher m = DATE_PATTERN.matcher(data); - if (m.find()) { - String tmpData = m.group(1).replace('-', '\u2011'); - data = data.replaceAll(m.group(1), tmpData); - } - } - return data.toCharArray(); + private static boolean containsDate(String data) { + Matcher m = DATE_PATTERN.matcher(data); + return m.find(); } } diff --git a/itext/src/test/java/com/itextpdf/text/pdf/DefaultSplitCharacterProfilingTest.java b/itext/src/test/java/com/itextpdf/text/pdf/DefaultSplitCharacterProfilingTest.java index 527330f76..f9d073a30 100644 --- a/itext/src/test/java/com/itextpdf/text/pdf/DefaultSplitCharacterProfilingTest.java +++ b/itext/src/test/java/com/itextpdf/text/pdf/DefaultSplitCharacterProfilingTest.java @@ -21,7 +21,7 @@ public class DefaultSplitCharacterProfilingTest { private static final String READ_FILE_FAIL_MESSAGE = "Failed to read test file {0}. The test could not be completed."; - private static final int TIME_LIMIT = 20000; + private static final int TIME_LIMIT = 5000; @Test(timeout = 30000) public void checkDatePatternProfilingTest() { From 8e8098493faba9e2e9aa6b26095e26c830856720 Mon Sep 17 00:00:00 2001 From: Dmitry Chubrick Date: Fri, 7 Jun 2024 12:04:23 +0300 Subject: [PATCH 5/6] Bump bouncycastle version to the latest to fix vulnerabilities DEVSIX-8402 --- itext/pom.xml | 4 ++-- .../itextpdf/text/pdf/security/CertificateUtil.java | 2 +- .../com/itextpdf/text/pdf/security/PdfPKCS7.java | 12 ++++++------ pdfa/pom.xml | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/itext/pom.xml b/itext/pom.xml index 4ca8467a0..6362065cc 100644 --- a/itext/pom.xml +++ b/itext/pom.xml @@ -75,13 +75,13 @@ org.bouncycastle bcprov-jdk15to18 - 1.71 + 1.78.1 true org.bouncycastle bcpkix-jdk15to18 - 1.71 + 1.78.1 true diff --git a/itext/src/main/java/com/itextpdf/text/pdf/security/CertificateUtil.java b/itext/src/main/java/com/itextpdf/text/pdf/security/CertificateUtil.java index 505f39eff..df3709b16 100644 --- a/itext/src/main/java/com/itextpdf/text/pdf/security/CertificateUtil.java +++ b/itext/src/main/java/com/itextpdf/text/pdf/security/CertificateUtil.java @@ -120,7 +120,7 @@ public static String getCRLURL(X509Certificate certificate) throws CertificatePa if (name.getTagNo() != GeneralName.uniformResourceIdentifier) { continue; } - DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject)name.toASN1Primitive(), false); + DERIA5String derStr = (DERIA5String) DERIA5String.getInstance((ASN1TaggedObject)name.toASN1Primitive(), false); return derStr.getString(); } } diff --git a/itext/src/main/java/com/itextpdf/text/pdf/security/PdfPKCS7.java b/itext/src/main/java/com/itextpdf/text/pdf/security/PdfPKCS7.java index cd1302ee4..dfd4f249c 100644 --- a/itext/src/main/java/com/itextpdf/text/pdf/security/PdfPKCS7.java +++ b/itext/src/main/java/com/itextpdf/text/pdf/security/PdfPKCS7.java @@ -220,7 +220,7 @@ public PdfPKCS7(byte[] contentsKey, PdfName filterSubtype, String provider) { ASN1ObjectIdentifier objId = (ASN1ObjectIdentifier)signedData.getObjectAt(0); if (!objId.getId().equals(SecurityIDs.ID_PKCS7_SIGNED_DATA)) throw new IllegalArgumentException(MessageLocalization.getComposedMessage("not.a.valid.pkcs.7.object.not.signed.data")); - ASN1Sequence content = (ASN1Sequence)((ASN1TaggedObject)signedData.getObjectAt(1)).getObject(); + ASN1Sequence content = (ASN1Sequence)((ASN1TaggedObject)signedData.getObjectAt(1)).getBaseObject(); // the positions that we care are: // 0 - version // 1 - digestAlgorithms @@ -243,7 +243,7 @@ public PdfPKCS7(byte[] contentsKey, PdfName filterSubtype, String provider) { // the possible ID_PKCS7_DATA ASN1Sequence rsaData = (ASN1Sequence)content.getObjectAt(2); if (rsaData.size() > 1) { - ASN1OctetString rsaDataContent = (ASN1OctetString)((ASN1TaggedObject)rsaData.getObjectAt(1)).getObject(); + ASN1OctetString rsaDataContent = (ASN1OctetString)((ASN1TaggedObject)rsaData.getObjectAt(1)).getBaseObject(); RSAdata = rsaDataContent.getOctets(); } @@ -343,11 +343,11 @@ else if (idSeq2.equals(SecurityIDs.ID_ADBE_REVOCATION)) { for (int j = 0; j < seqout.size(); ++j) { ASN1TaggedObject tg = (ASN1TaggedObject)seqout.getObjectAt(j); if (tg.getTagNo() == 0) { - ASN1Sequence seqin = (ASN1Sequence)tg.getObject(); + ASN1Sequence seqin = (ASN1Sequence)tg.getBaseObject(); findCRL(seqin); } if (tg.getTagNo() == 1) { - ASN1Sequence seqin = (ASN1Sequence)tg.getObject(); + ASN1Sequence seqin = (ASN1Sequence)tg.getBaseObject(); findOcsp(seqin); } } @@ -1283,8 +1283,8 @@ private void findOcsp(ASN1Sequence seq) throws IOException { } if (seq.getObjectAt(k) instanceof ASN1TaggedObject) { ASN1TaggedObject tag = (ASN1TaggedObject)seq.getObjectAt(k); - if (tag.getObject() instanceof ASN1Sequence) { - seq = (ASN1Sequence)tag.getObject(); + if (tag.getBaseObject() instanceof ASN1Sequence) { + seq = (ASN1Sequence)tag.getBaseObject(); ret = false; break; } diff --git a/pdfa/pom.xml b/pdfa/pom.xml index dd95a89cb..19bfe4808 100644 --- a/pdfa/pom.xml +++ b/pdfa/pom.xml @@ -80,7 +80,7 @@ org.bouncycastle bcprov-jdk15to18 - 1.71 + 1.78.1 true From e8a0a1f86e1ca90dcc487c2580d9f5534e938e6c Mon Sep 17 00:00:00 2001 From: Apryse Software Date: Thu, 13 Jun 2024 14:06:44 +0300 Subject: [PATCH 6/6] [RELEASE] iText 5.5.13.4 --- itext/pom.xml | 2 +- itext/src/main/java/com/itextpdf/text/Version.java | 4 ++-- pdfa/pom.xml | 2 +- pom.xml | 2 +- xmlworker/pom.xml | 2 +- xtra/pom.xml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/itext/pom.xml b/itext/pom.xml index 6362065cc..ecc93c5b5 100644 --- a/itext/pom.xml +++ b/itext/pom.xml @@ -10,7 +10,7 @@ itextpdf - 5.5.14-SNAPSHOT + 5.5.13.4 iText Core A Free Java-PDF library diff --git a/itext/src/main/java/com/itextpdf/text/Version.java b/itext/src/main/java/com/itextpdf/text/Version.java index 46e652f0a..f1d968726 100644 --- a/itext/src/main/java/com/itextpdf/text/Version.java +++ b/itext/src/main/java/com/itextpdf/text/Version.java @@ -74,14 +74,14 @@ public final class Version { * This String contains the version number of this iText release. * For debugging purposes, we request you NOT to change this constant. */ - private final String release = "5.5.14-SNAPSHOT"; + private final String release = "5.5.13.4"; /** * This String contains the iText version as shown in the producer line. * iText is a product developed by iText Group NV. * iText Group requests that you retain the iText producer line * in every PDF that is created or manipulated using iText. */ - private String iTextVersion = iText + " " + release + " \u00a92000-2020 iText Group NV"; + private String iTextVersion = iText + " " + release + " \u00a92000-2024 iText Group NV"; /** * The license key. */ diff --git a/pdfa/pom.xml b/pdfa/pom.xml index 19bfe4808..812c53299 100644 --- a/pdfa/pom.xml +++ b/pdfa/pom.xml @@ -10,7 +10,7 @@ itext-pdfa - 5.5.14-SNAPSHOT + 5.5.13.4 iText PDF/A iText ISO-19005 Module diff --git a/pom.xml b/pom.xml index 8e2c8c653..cfc56629b 100644 --- a/pom.xml +++ b/pom.xml @@ -9,7 +9,7 @@ root - 5.5.14-SNAPSHOT + 5.5.13.4 pom iText diff --git a/xmlworker/pom.xml b/xmlworker/pom.xml index ee1621857..d0ab5526d 100644 --- a/xmlworker/pom.xml +++ b/xmlworker/pom.xml @@ -11,7 +11,7 @@ com.itextpdf.tool xmlworker - 5.5.14-SNAPSHOT + 5.5.13.4 iText XML Worker Parses XML to PDF, with CSS support, using iText diff --git a/xtra/pom.xml b/xtra/pom.xml index ea1d905f0..bbfcccecb 100644 --- a/xtra/pom.xml +++ b/xtra/pom.xml @@ -10,7 +10,7 @@ itext-xtra - 5.5.14-SNAPSHOT + 5.5.13.4 iText Xtra iText Xtra, part of iText a Free Java-PDF library