diff options
author | Jay Berkenbilt <ejb@ql.org> | 2021-02-04 21:55:41 +0100 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2021-02-04 21:57:13 +0100 |
commit | 21b0f4acfc0d6827f3d2d9a85873b7b649dc96f0 (patch) | |
tree | dfdba5b04e3cca31c0243cdc9032d2e30738c3e9 /ChangeLog | |
parent | faa2e3ddfd7e5bfd0922deb49b9c88e8eee08fbd (diff) | |
download | qpdf-21b0f4acfc0d6827f3d2d9a85873b7b649dc96f0.tar.zst |
Require --allow-insecure to create certain encrypted files (fixes #501)
For now, --allow-insecure allows creation of files with the owner
passwords empty or matching the user password.
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 9 |
1 files changed, 9 insertions, 0 deletions
@@ -1,3 +1,12 @@ +2021-02-04 Jay Berkenbilt <ejb@ql.org> + + * By default, give an error if a user attempts to encrypt a file + with an empty owner password or an owner password that is the same + as the user password. Such files are insecure. Most viewers either + won't open such files or will not enforce security settings. To + allow explicit creation of files like this, pass the new + --allow-insecure option. Fixes #501. + 2021-02-02 Jay Berkenbilt <ejb@ql.org> * Bug fix: if a form XObject lacks a resources dictionary, |