Skip to content

Bump pypdf from 6.9.2 to 6.10.2 in /requirements/partial#3498

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/requirements/partial/pypdf-6.10.2
Open

Bump pypdf from 6.9.2 to 6.10.2 in /requirements/partial#3498
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/requirements/partial/pypdf-6.10.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 16, 2026
edited
Loading

Bumps pypdf from 6.9.2 to 6.10.2.

Release notes

Sourced from pypdf's releases.

Version 6.10.2, 2026-04-15

What's new

Security (SEC)

Full Changelog

Version 6.10.1, 2026-04-14

What's new

Security (SEC)

Robustness (ROB)

Documentation (DOC)

Full Changelog

Version 6.10.0, 2026-04-10

What's new

Security (SEC)

New Features (ENH)

  • Skip MD5 key derivation for AES-256 encrypted PDFs (#3694) by @​Ygnas

Bug Fixes (BUG)

Documentation (DOC)

Full Changelog

Changelog

Sourced from pypdf's changelog.

Version 6.10.2, 2026-04-15

Security (SEC)

  • Do not rely on possibly invalid /Size for incremental cloning (#3735)
  • Introduce limits for FlateDecode parameters and image decoding (#3734)

Full Changelog

Version 6.10.1, 2026-04-14

Security (SEC)

  • Limit the allowed size of xref and object streams (#3733)

Robustness (ROB)

  • Consider strict mode setting for decryption errors (#3731)

Documentation (DOC)

  • Use new parameter names for compress_identical_objects

Full Changelog

Version 6.10.0, 2026-04-10

Security (SEC)

  • Disallow custom XML entity declarations for XMP metadata (#3724)

New Features (ENH)

  • Skip MD5 key derivation for AES-256 encrypted PDFs (#3694)

Bug Fixes (BUG)

  • Use remove_orphans in compress_identical_objects (#3310)
  • Fix PdfReadError when xref table contains comments before trailer (#3710)
  • Correctly verify AES padding during decryption (#3699)
  • Fix stale object cache from non-authoritative object streams (#3698)
  • Fix extract_links pairing when annotations include non-links (#3687)

Documentation (DOC)

Full Changelog

Commits
  • c476b4f REL: 6.10.2
  • c50a010 SEC: Do not rely on possibly invalid /Size for incremental cloning (#3735)
  • ac734da SEC: Introduce limits for FlateDecode parameters and image decoding (#3734)
  • b49e7eb REL: 6.10.1
  • 62338e9 SEC: Limit the allowed size of xref and object streams (#3733)
  • 5dcc0ae DEV: Update pytest-benchmark to 5.2.3
  • b42e4aa DEV: Update pinned pillow and pytest where possible (#3732)
  • 717446b ROB: Consider strict mode setting for decryption errors (#3731)
  • 9e461d3 DEV: Bump softprops/action-gh-release from 2 to 3 (#3730)
  • 500d09d TST: Update test_embedded_file__basic to use tmp_path fixture (#3726)
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies python Pull requests that update Python code labels Apr 16, 2026
@dependabot dependabot bot mentioned this pull request Apr 16, 2026
Closed
@dependabot
Bump pypdf from 6.9.2 to 6.10.2 in /requirements/partial
c407b51 
Bumps [pypdf](https://github.com/py-pdf/pypdf) from 6.9.2 to 6.10.2.
- [Release notes](https://github.com/py-pdf/pypdf/releases)
- [Changelog](https://github.com/py-pdf/pypdf/blob/main/CHANGELOG.md)
- [Commits](py-pdf/pypdf@6.9.2...6.10.2)

---
updated-dependencies:
- dependency-name: pypdf
  dependency-version: 6.10.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/requirements/partial/pypdf-6.10.2 branch from 586ac85 to c407b51 Compare April 16, 2026 16:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@luisa-beerboom luisa-beerboom

Labels

dependencies python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@luisa-beerboom