AddOn

Vendor: Security fix: https://github.com/dompdf/dompdf/issues/2994

Vendor: Change highlights since 2.0.0

Improved font-face declaration parsing and handling
Improved layout of images with percentage-based dimensions

Update: pdf.js v2.16.105

PDF.js Vendor Update
Full Changelog: https://github.com/FriendsOfREDAXO/pdfout/compare/6.0.0…6.1.0

## What’s Changed
* $this entfernt by skerbis in https://github.com/FriendsOfREDAXO/pdfout/pull/51 * Update pdfout.php by skerbis in https://github.com/FriendsOfREDAXO/pdfout/pull/52
* check for $outattach by @skerbis in https://github.com/FriendsOfREDAXO/pdfout/pull/53

Thanks to @staabm & REXStan it’s also a bit better in code

Full Changelog: https://github.com/FriendsOfREDAXO/pdfout/compare/5.2.0…6.0.0

Updated to version 2 of @dompdf – thanks

Change highlights since 1.2.x

- Addresses multiple security vulnerabilities (see below)
- Modifies callback and page_script/page_text handling (breaking change, see below)
- Switches the HTML5 parser to Masterminds/HTML5
- Improves CSS property parsing and representation
- Improves border, outline, and background rendering for inline elements
- Switches installed fonts and font metrics cache file format to JSON
- Adds support for the inset CSS shorthand property and the legacy break-word keyword for word-break
- Adds “end_document” callback event

Vulnerability | References | Type | Severity
— | — | — | —
Improper Restriction of XML External Entity Reference | #2564 | Information Disclosure | TBD
Deserialization of Untrusted Data | #2564 | Remote Code Execution | Critical
External Control of File Name or Path | #2564 | Information Disclosure | TBD
Server-Side Request Forgery | #2564 | Information Disclosure | TBD

and much more

More Information https://github.com/dompdf/dompdf/releases/tag/v2.0.0

Updated to version 2 of @dompdf

Change highlights since 1.2.x

- Addresses multiple security vulnerabilities (see below)
- Modifies callback and page_script/page_text handling (breaking change, see below)
- Switches the HTML5 parser to Masterminds/HTML5
- Improves CSS property parsing and representation
- Improves border, outline, and background rendering for inline elements
- Switches installed fonts and font metrics cache file format to JSON
- Adds support for the inset CSS shorthand property and the legacy break-word keyword for word-break
- Adds “end_document” callback event

Vulnerability | References | Type | Severity
— | — | — | —
Improper Restriction of XML External Entity Reference | #2564 | Information Disclosure | TBD
Deserialization of Untrusted Data | #2564 | Remote Code Execution | Critical
External Control of File Name or Path | #2564 | Information Disclosure | TBD
Server-Side Request Forgery | #2564 | Information Disclosure | TBD

and much more

More Information https://github.com/dompdf/dompdf/releases/tag/v2.0.0

• PDF auf dem Server speichern

Mit dem Parameter “$saveToPath” kann man einen Pfad definieren, auf welchem die generierte PDF auf dem Server gespeichert wird.

https://github.com/FriendsOfREDAXO/pdfout/issues/49
@danspringer

Vendor 1.2.2
@skerbis

Menüpunkt entfernt.
Die Readme ist weiterhin in AddOns erreichbar.

Vendor: v1.2.1

Security fixes:
https://positive.security/blog/dompdf-rce

More:
https://github.com/dompdf/dompdf/releases/tag/v1.2.1

Dpi wieder auf 100
@olien

Kleine Textkorrekturen in der Readme

- Deprecated Methoden durch neue getOptions() ersetzt.
- Ausgangspfad ist jetzt rex_path::frontend()

Sofern keine eigenen Änderungen oder abgewandelte Classes verwendet werden, sollte das Update keine Probleme verursachen.

vendor: ‘v1.2.0’

4.0 – 4.3.0
- New class: PdfOut
- New PdfOut::sendPdf($filename,$html)
- New PdfOut::viewer($file)

Die neue Methode PdfOut::sendPdf() ermöglicht es schnell und unkompliziert DIN A4 Dokumente mit allen erforderlichen Einstellungen zu erstellen. PdfOut::viewer() liefert immer die korrekte URL zum Viewer.