- Issue created by @bluegeek9
- Issue was unassigned.
- Status changed to Needs review
about 1 year ago 9:00pm 15 December 2023 - πΊπΈUnited States bluegeek9
composer update drupal/pdf_api -W
Also will update dompdf/dompdf
-
Nigel Cunningham β
committed 8b3980f4 on 2.x authored by
bluegeek9 β
Issue #3409151 by bluegeek9: DomPDF vulnerability
-
Nigel Cunningham β
committed 8b3980f4 on 2.x authored by
bluegeek9 β
- Status changed to Fixed
about 1 year ago 12:44am 16 December 2023 -
Nigel Cunningham β
committed 8b3980f4 on 2.4.x authored by
bluegeek9 β
Issue #3409151 by bluegeek9: DomPDF vulnerability
-
Nigel Cunningham β
committed 8b3980f4 on 2.4.x authored by
bluegeek9 β
- π¦πΊAustralia nigelcunningham Geelong
Fix released as 2.4.2 after consulting on the #security-team Slack channel about whether it needed to go through the Security release process (11.53am AEDT, 16 December 2023)
For future reference, if security issues occur in our module or upstream, can we discuss them privately first to be sure about whether we need to through that process, please? I can be reached via my D.O contact form.
Automatically closed - issue fixed for 2 weeks with no activity.