[
https://issues.apache.org/jira/browse/PDFBOX-1587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13645768#comment-13645768
]
Thomas Chojecki commented on PDFBOX-1587:
-----------------------------------------
For example:
1) If an project use the pdfbox and do some cryptographics and stay at bc 1.46
with this acutal pdfbox, no problem will occure. -> OK
2) If the dependency would be updated to 1.48, the code of the project will
break without update to the new classes. -> ERROR
3) If the project that using pdfbox try to force the bc 1.46 version, pdfbox
will break while parsing encrypted documents trying to access not available
objects. -> ERROR
> Update the dependency on Bouncy Castle to 1.48
> -----------------------------------------------
>
> Key: PDFBOX-1587
> URL: https://issues.apache.org/jira/browse/PDFBOX-1587
> Project: PDFBox
> Issue Type: Improvement
> Affects Versions: 1.8.1
> Reporter: Emmanuel Bourg
> Assignee: Thomas Chojecki
> Fix For: 2.0.0
>
> Attachments: pdfbox-bouncycastle-update.patch
>
>
> The recent versions of Bouncy Castle didn't preserve the binary compatibility
> and PDFBox doesn't compile against them.
> This is an issue for the Debian project because the Bouncy Castle package has
> to be updated to 1.48 in order to fix a security issue. This update is going
> to break the PDFBox package.
> Could you please update the dependency on Bouncy Castle? I'll attach the
> patch with the necessary changes.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
