A while ago, the Bouncy Castle Crypto API was upgraded from 1.46 to 1.47. This upgrade was a major one: we had to change all the code related to digital signatures. While we were at it, we decided to completely re-engineer the way iText digitally signs a PDF document. All signing code has been moved to a separate security package. We removed all the traditional ways of signing (some of which will be deprecated as soon as the PDF 2.0 specification is released) in favor of detached signatures, both CMS as well as CADES style. In other words: on top of support for PAdES 2 and 4, we now also support PAdES 3. Signing a message digest outside iText (for instance using a smart card) is now a no-brainer thanks to the ExternalSignature interface. As a result, you'll have to change your code in case you're using the digital signature functionality. You'll discover that the new interface is much more straight-forward and easier to use.
PdfSmartCopy now does a better job avoiding redundant objects when concatenating PDFs; the image class is now smarter in retrieving the resolution of images; we added a check to avoid the creation of pages that have a larger size than allowed according to ISO-32000-1.
We deprecated HTMLWorker in favor of XML Worker. XML Worker does a really job job at converting XHTML to PDF, so there's really no reason to continue using HTMLWorker.
We also fixed some bugs that were introduced in the 5.2.x versions: there were some problems with PDFs with huge file sizes, the CJK changes broke the VerticalText functionality, finally we applied plenty of small enhancements and fixed several minor bugs in ColumnText (and related classes such as PdfLine).
Enjoy iText 5.3.0!