Open HTML to PDF v1.0.9 Release Notes
-
🚀 SECURITY RELEASE: This release will be brought forward due to security releases of the PDFBOX and Batik dependencies.
- ⬆️ #722 Upgrade PDFBOX (to 2.0.24) - avoids CVEs in earlier versions and PDFBoxGraphics2D. Thanks a lot @rototor.
- ⬆️ #678 Upgrade Batik Version to 1.14 (CVE-2020-11987) - Again it is strongly advised to avoid untrusted SVG and XML. Thanks @rototor.
- 🖨 #716 Replace rogue
println
calls with log calls. Thanks @syjer for PR, @tfo for reporting. - #708 Allow
shape-rendering
SVG CSS property. Thanks @syjer for PR, @RAlfoeldi for reporting. - 🚚 #703 Remove calls to deprecated method calls in JRE standard library. May change XML reader class. Implemented by @danfickle.
- 0️⃣ #702 Set timeouts for default HTTP/HTTPS handlers. Thanks for reporting @gengzi.
- 162228 Put links to raster images in SVGs through the URL resolver.
- #694 Fix incorrect B3 paper size. Thanks @lfintalan for reporting with line number!
- 🌲 ab48fd Do not log a missing font more than once.
NOTE: PDFBOX CVEs relate to the loading of untrusted PDFs in PDFBOX and thus this project is not directly affected. However, it is not a good idea to have CVEs on your classpath.