Upgrade to batik 1.10 to fix security vulnerabilities

Question

Upgrade to batik 1.10 to fix security vulnerabilities

Closed this issue 6 years ago · 2 comments

openhtmltopdf is using batik as a 3rd party libarary version 1.9, but it has a high security vulnerability. Please consider updating it to 1.10 so openhtmltopdf can pass security scanners more easily.

batik:1.9 -> upgrade to batik:1.10 for https://nvd.nist.gov/vuln/detail/CVE-2018-8013

Answer 1 · 2018-10-18T04:10:32.000Z

RC17 just released with update to Batik. Thanks @chubbard.

Answer 2 · 2018-10-18T04:26:46.000Z

Thank you for turning that around so quickly!