The ARender team presents version 2023.2.1 of ARender.
Download links: https://www.arender.io/download/v2023
‣ CVE: score 9.8
Ghostscript, an open-source interpreter for the PostScript language and PDF files, disclosed a vulnerability before the 10.01.2 version. This vulnerability was assigned a CVSS score of 9.8 which could allow code execution caused by Ghostscript mishandling permission validation for pipe devices (with the %pipe% or the | pipe character prefix).
Ghostscript has been removed from installers and Docker images for security and licensing management reasons. This action aims to address the above-stated vulnerability. Consequently, by default, PostScript (.ps), Encapsulated PostScript (.eps), and Office files containing PostScript are no longer supported. We recommend installing Ghostscript (version 10.01.2 or higher) and obtaining a valid license to re-enable this support.