Require --allow-insecure to create certain encrypted files (fixes #501)

For now, --allow-insecure allows creation of files with the owner passwords empty or matching the user password.
author: Jay Berkenbilt <ejb@ql.org> 2021-02-04 21:55:41 +0100
committer: Jay Berkenbilt <ejb@ql.org> 2021-02-04 21:57:13 +0100
commit: 21b0f4acfc0d6827f3d2d9a85873b7b649dc96f0 (patch)
tree: dfdba5b04e3cca31c0243cdc9032d2e30738c3e9 /ChangeLog
parent: faa2e3ddfd7e5bfd0922deb49b9c88e8eee08fbd (diff)
download: qpdf-21b0f4acfc0d6827f3d2d9a85873b7b649dc96f0.tar.zst
1 files changed, 9 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 2670dd07..32410df9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2021-02-04  Jay Berkenbilt  <ejb@ql.org>
+
+	* By default, give an error if a user attempts to encrypt a file
+	with an empty owner password or an owner password that is the same
+	as the user password. Such files are insecure. Most viewers either
+	won't open such files or will not enforce security settings. To
+	allow explicit creation of files like this, pass the new
+	--allow-insecure option. Fixes #501.
+
 2021-02-02  Jay Berkenbilt  <ejb@ql.org>
 
 	* Bug fix: if a form XObject lacks a resources dictionary,
author	Jay Berkenbilt <ejb@ql.org>	2021-02-04 21:55:41 +0100
committer	Jay Berkenbilt <ejb@ql.org>	2021-02-04 21:57:13 +0100
commit	21b0f4acfc0d6827f3d2d9a85873b7b649dc96f0 (patch)
tree	dfdba5b04e3cca31c0243cdc9032d2e30738c3e9 /ChangeLog
parent	faa2e3ddfd7e5bfd0922deb49b9c88e8eee08fbd (diff)
download	qpdf-21b0f4acfc0d6827f3d2d9a85873b7b649dc96f0.tar.zst