[ https://issues.apache.org/jira/browse/PDFBOX-1587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13645768#comment-13645768 ]
Thomas Chojecki commented on PDFBOX-1587: ----------------------------------------- For example: 1) If an project use the pdfbox and do some cryptographics and stay at bc 1.46 with this acutal pdfbox, no problem will occure. -> OK 2) If the dependency would be updated to 1.48, the code of the project will break without update to the new classes. -> ERROR 3) If the project that using pdfbox try to force the bc 1.46 version, pdfbox will break while parsing encrypted documents trying to access not available objects. -> ERROR > Update the dependency on Bouncy Castle to 1.48 > ----------------------------------------------- > > Key: PDFBOX-1587 > URL: https://issues.apache.org/jira/browse/PDFBOX-1587 > Project: PDFBox > Issue Type: Improvement > Affects Versions: 1.8.1 > Reporter: Emmanuel Bourg > Assignee: Thomas Chojecki > Fix For: 2.0.0 > > Attachments: pdfbox-bouncycastle-update.patch > > > The recent versions of Bouncy Castle didn't preserve the binary compatibility > and PDFBox doesn't compile against them. > This is an issue for the Debian project because the Bouncy Castle package has > to be updated to 1.48 in order to fix a security issue. This update is going > to break the PDFBox package. > Could you please update the dependency on Bouncy Castle? I'll attach the > patch with the necessary changes. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira