There were some bugs with security implications reported in Podofo recently: http://seclists.org/oss-sec/2017/q2/0 http://seclists.org/oss-sec/2017/q2/1 http://seclists.org/oss-sec/2017/q2/2 I noticed some fixes committed to the Podofo SVN repo: https://sourceforge.net/p/podofo/mailman/podofo-svn/?viewmonth=201706 We need to try to cherry-pick these fixes.