Releases: FriendsOfREDAXO/pdfout
7.0.0 Happy new PDF
Vollständig überarbeitete Version.
Neu: Setting-Methoden zur einfacheren Konfiguration
Neu: Der REDAXO-Outputfilter kann direkt ausgeführt werden
Neu: Gleichzeitige Ausgabe und Speicherung der PDF möglich
Neu: DPI kann eingestellt werden
Neu: Readme überarbeitet
Deprecated: sendPdf(), die Methode wird mit 8.0.0 entfernt. Daher bitte schon jetzt auf die neue Schreibweise umstellen.
6.2.1
Vendor: Security fix: dompdf/dompdf#2994
Vendor: Change highlights since 2.0.0
Improved font-face declaration parsing and handling
Improved layout of images with percentage-based dimensions
6.2.0
6.1.0
PDF.js Vendor Update
Full Changelog: 6.0.0...6.1.0
6.0.0
What's Changed
- $this entfernt by @skerbis in #51
- Update pdfout.php by @skerbis in #52
- check for $outattach by @skerbis in #53
Thanks to @staabm & REXStan it's also a bit better in code
Full Changelog: 5.2.0...6.0.0
Updated to version 2 of @dompdf - thanks
Change highlights since 1.2.x
- Addresses multiple security vulnerabilities (see below)
- Modifies callback and page_script/page_text handling (breaking change, see below)
- Switches the HTML5 parser to Masterminds/HTML5
- Improves CSS property parsing and representation
- Improves border, outline, and background rendering for inline elements
- Switches installed fonts and font metrics cache file format to JSON
- Adds support for the inset CSS shorthand property and the legacy break-word keyword for word-break
- Adds "end_document" callback event
Vulnerability | References | Type | Severity |
---|---|---|---|
Improper Restriction of XML External Entity Reference | #2564 | Information Disclosure | TBD |
Deserialization of Untrusted Data | #2564 | Remote Code Execution | Critical |
External Control of File Name or Path | #2564 | Information Disclosure | TBD |
Server-Side Request Forgery | #2564 | Information Disclosure | TBD |
and much more
More Information https://github.com/dompdf/dompdf/releases/tag/v2.0.0
Version 6-beta1, Vendor 2.0
Updated to version 2 of @dompdf - thanks
Change highlights since 1.2.x
- Addresses multiple security vulnerabilities (see below)
- Modifies callback and page_script/page_text handling (breaking change, see below)
- Switches the HTML5 parser to Masterminds/HTML5
- Improves CSS property parsing and representation
- Improves border, outline, and background rendering for inline elements
- Switches installed fonts and font metrics cache file format to JSON
- Adds support for the inset CSS shorthand property and the legacy break-word keyword for word-break
- Adds "end_document" callback event
Vulnerability | References | Type | Severity |
---|---|---|---|
Improper Restriction of XML External Entity Reference | #2564 | Information Disclosure | TBD |
Deserialization of Untrusted Data | #2564 | Remote Code Execution | Critical |
External Control of File Name or Path | #2564 | Information Disclosure | TBD |
Server-Side Request Forgery | #2564 | Information Disclosure | TBD |
and much more
More Information https://github.com/dompdf/dompdf/releases/tag/v2.0.0
5.2.0
5.1.0
5.0.3
Vendor: v1.2.1
Security fixes:
https://positive.security/blog/dompdf-rce