Skip to content

Dompdf 2.0.2
Compare
Choose a tag to compare
@bsweeney bsweeney released this 31 Jan 13:32
· 115 commits to master since this release
v2.0.2
ad4c631
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This release has been superseded by version 2.0.3

Change highlights since 2.0.1

  • Improved CSS selector parsing and handling, particularly around psuedo-classes
  • Addressed issues with too-eager whitespace removal
  • Updated Cpdf back end to fix rendering of unclosed paths in SVG images

This release addresses the following vulnerability:

Vulnerability References Type Severity
URI validation failure on SVG parsing GHSA-3cw5-7cxw-v5qg, CVE-2023-23924 Remote Code Execution Critical

2.0.x highlights

  • Modifies callback and page_script/page_text handling
  • Switches the HTML5 parser to Masterminds/HTML5
  • Improves CSS property parsing and representation
  • Switches installed fonts and font metrics cache file format to JSON

The list of addressed issues can be found in the 2.0.2 release milestone. View all changes since the previous release in the commit history.

We would like to extend our gratitude to the community members who helped make this release possible.

Requirements

Dompdf 2.0.2 requires the following:

  • PHP 7.1 or greater
  • html5-php v2.0.0 or greater
  • php-font-lib v0.5.4 or greater
  • php-svg-lib v0.3.3 or greater

Additionally, the following are recommended for optimal use:

  • GD (for image processing)

For full requirements and recommendations see the requirements page on the wiki.

Download Instructions

The dompdf team recommends that you use Composer for easier dependency management.

If you're not yet using Composer you can download a packaged release of dompdf which includes all the files you need to use the library. Click the link labeled "dompdf_2-0-2.zip" for the packaged release.

Assets 3