Technical News | Page 1

ARender 2023.2.1 Release Notes

Written by Admin | Jun 7, 2024 8:29:12 AM

The ARender team presents version 2023.2.1 of ARender.

Download links: https://www.arender.io/download/v2023

Security

‣ CVE: score 9.8

Ghostscript, an open-source interpreter for the PostScript language and PDF files, disclosed a vulnerability before the 10.01.2 version. This vulnerability was assigned a CVSS score of 9.8 which could allow code execution caused by Ghostscript mishandling permission validation for pipe devices (with the %pipe% or the | pipe character prefix).

Ghostscript has been removed from installers and Docker images for security and licensing management reasons. This action aims to address the above-stated vulnerability. Consequently, by default, PostScript (.ps), Encapsulated PostScript (.eps), and Office files containing PostScript are no longer supported. We recommend installing Ghostscript (version 10.01.2 or higher) and obtaining a valid license to re-enable this support.