All Versions
11
Latest Version
Avg Release Cycle
211 days
Latest Release
1361 days ago

Changelog History
Page 2

  • v0.6.2 Changes

    December 11, 2015

    ๐Ÿš€ This release is superseded by version 0.7.0

    ๐Ÿš€ This is a security-focused release that addresses a number of vulnerabilities that can expose your system to exploitation. In tandem with this release we have also posted a document to the wiki with advice for securing dompdf. Please read the new document and take appropriate measures to protect your systems.

    ๐Ÿš€ We urge all users to upgrade to this release if you are using dompdf 0.6.1 or earlier.

    ๐Ÿ”„ Change Summary for 0.6.2

    โšก๏ธ This update addresses the following announced vulnerabilities:

    Vulnerability Reference Type Severity
    ๐Ÿš‘ Remote Code Execution (complement of CVE-2014-2383) CVE-2014-5013 Remote Code Execution
    Denial Of Service Vector CVE-2014-5012 Information Disclosure Medium
    Information Disclosure CVE-2014-5011 Information Disclosure Medium
    Arbitrary file read in dompdf using PHP stream filters CVE-2014-2383 Information Disclosure Medium

    ๐Ÿ”„ Change Summary for 0.6.1

    • Removed pre-processing of PHP code when DOMPDF_ENABLE_PHP is true (this does not affect embedded script).
    • ๐Ÿš€ Prior to this release dompdf was vulnerable to an information disclosure vulnerability. Thanks to Portcullis Computer Security Ltd. for reporting the issue. See the security advisory for additional details: Arbitrary file read in dompdf.

    โšก๏ธ This update addresses the following announced vulnerabilities:

    Vulnerability Reference Type Severity
    Arbitrary file read in dompdf using PHP stream filters CVE-2014-2383 Information Disclosure Medium
    ๐Ÿš‘ PHP remote file inclusion vulnerability in dompdf.php CVE-2010-4879 Remote File Inclusion

    ๐Ÿ”„ Change Summary for 0.6.0

    • ๐Ÿ‘ Fonts: Full Unicode support (with embedded fonts); DejaVu fonts pre-installed; php-font-lib now provides font handling and sub-setting
    • ๐Ÿ›  CSS: float support, border radius, transparency, @page, @font-face, generated content, fixed-positioning, transformations
    • ๐Ÿ“œ HTML: HTML5 Parser cleans your HTML syntax
    • ๐Ÿ‘ Images: Expanded image handling (including alpha transparency); added support for Data-URI image sources
    • ๐ŸŽ Performance improvements
    • The project is now hosted on GitHub (the Google Code project is being temporarily maintained).

    Download Instructions

    ๐Ÿš€ Click the link labeled "dompdf-0.6.2.zip" to download the packaged release. The two buttons labeled "Source code" are auto-generated by github and do not include all the necessary files.