Created attachment 178189 [details] Update to version 3.15 The most notable changes in this release are: - Various improvements to HSSF and XSSF. - XSSF performance improvements for large numbers of named ranges. - Progress towards enums rather than ints for various types (no breaking changes at this stage) - CellStyle#BORDER_HAIR and #BORDER_DOTTED were swapped to correctly reflect the official names and to be consistent with BorderStyle enum. HAIR has smaller dots than DOTTED. - Removal of deprecated classes and methods detailed on https://bz.apache.org/bugzilla/show_bug.cgi?id=59170
A commit references this bug: Author: robak Date: Tue Mar 28 17:36:53 UTC 2017 New revision: 437143 URL: https://svnweb.freebsd.org/changeset/ports/437143 Log: textproc/apache-poi: update 3.14 -> 3.15 PR: 215481 Submitted by: pfg Changes: head/textproc/apache-poi/Makefile head/textproc/apache-poi/distinfo
Committed, thanks!
For the record ... The Apache software Foundation has issued: CVE-2017-5644 - Possible DOS (Denial of Service) in Apache POI versions prior to 3.15. Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack. Users with applications which accept content from external or untrusted sources are advised to upgrade to Apache POI 3.15 or newer. We are safe now, but maybe a vuxml entry is pertinent.