v1.2.1 #7
xt765
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
[1.2.1] - 2025-03-02
Security Fixes
pypdf Security Vulnerabilities: Upgraded pypdf>=6.7.4, fixing 3 CVEs
CVE-2026-28351: RunLengthDecode streams can exhaust RAM
CVE-2026-27888: FlateDecode XFA streams can exhaust RAM
CVE-2026-27628: Circular references cause infinite loop
MCP SDK Upgrade: Upgraded mcp>=1.26.0
Test Code Security: Refactored path traversal test code to avoid static analysis false positives
Changed
Dependency Upgrades:
mcp>=1.23.0 → mcp>=1.26.0
pypdf>=6.7.1 → pypdf>=6.7.4
typing_extensions>=4.12.0 → typing_extensions>=4.15.0
Full Changelog: v1.2.0...v1.2.1
This discussion was created from the release v1.2.1.
Beta Was this translation helpful? Give feedback.
All reactions