![]() Therefore we have decided to deprecate the SignatureUtil#verifySignature and PdfPKCS7#verify methods, and replace them with SignatureUtil#readSignatureData and PdfPKCS7#verifySignatureIntegrityAndAuthenticity which have been introduced in iText 7.1.6. However, it was determined that the current names of the methods for checking and verifying signatures could be improved to better reflect their functionality. If you would like to confirm your installation by using the PDF documents we utilized in our tests, you can access our test suite on GitHub. ![]() In addition (and although iText 5 is now EOL (except for security releases)), we have released a maintenance update ( version 5.5.13.1) to support these users as well. ![]() ![]() After investigating these vulnerabilities, we found that recent updates to iText introduced in version 7.1.5 mean we are not vulnerable to the described attacks. In February 2019, a team of security researchers from the Ruhr-University Bochum in Germany published details of vulnerabilities in the digital signing system of many PDF viewers and online PDF digital signing services.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |