Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (2)

Resolved Is this Ghostscript security flaw something Appeon is aware of?

  1. Issue
1
Votes
Undo
  1. Roland Smith
    Roland Smith
  2. PowerBuilder
  3. Friday, 14 July 2023 12:55 PM UTC

https://www.bleepingcomputer.com/news/security/critical-rce-found-in-popular-ghostscript-open-source-pdf-library/

This was brought to our attention by one of customers who uses InfoMaker.

'' random_name computed columns in SQL translate d...
OLE Activate PowerBuilder Error R0039
Responses (2)
Miguel Leeuwe
Miguel Leeuwe Accepted Answer Pending Moderation
  1. Tuesday, 18 July 2023 04:07 AM UTC
  2. PowerBuilder
  3. # 1

Hi,

Isn't the solution simple? Just upgrade to v10.01.2 ?

https://www.ghostscript.com/releases/gsdnld.html

regards

Comment
Roland Smith
  1. Roland Smith
  2. Tuesday, 18 July 2023 12:39 PM UTC
In May we released a version of our app built with PB 2022. The previous version of our app uses PB 2019 Build 2170 which cannot be used with 9.54 or higher because it just generates a blank page. This PB bug was fixed in a later build of PB 2019. Build 2170 doesn't have the 'Always use NativePDF' option in the application object, it was added in R2. We might end up issuing a patch with code added to force NativePDF.
  1. Helpful 2
Miguel Leeuwe
  1. Miguel Leeuwe
  2. Tuesday, 18 July 2023 13:15 PM UTC
Thanks for the explanation!
  1. Helpful
There are no comments made yet.
Chris Pollach @Appeon
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Friday, 14 July 2023 15:24 PM UTC
  2. PowerBuilder
  3. # 2

Hi Roland;

  Since GhostScript is only one external PostScript printer emulator to produce PDF's. As this is external to IM, Appeon does not track these sort of things. However, thank you so much for bringing this security issue to light for the Appeon Community!

  Appeon has been encouraging though the use of IM's new internal NativePDF! feature in recent releases - so that is one way of avoiding the GS security issue. Also moving off GS to another external 3rd party PostScript PDF driver is also another alternative.  HTH

Regards ... Chris

Comment
Load more comments
Andreas Mykonios
  1. Andreas Mykonios
  2. Monday, 17 July 2023 12:33 PM UTC
Hi.

It's available in datawindows when using saveas function. In PB 2022 there are also some additional features related to PDF but those are for beta testing. PB 2022 R2 will offer many new features about PDF support.

Andreas.
  1. Helpful 1
Miguel Leeuwe
  1. Miguel Leeuwe
  2. Monday, 17 July 2023 13:49 PM UTC
Not trying to be negative, but also test very well when using NativePDF! The list of bugs has been quite long since its introduction and I'm not sure they've all been solved in today's versions.
  1. Helpful 1
Roland Smith
  1. Roland Smith
  2. Monday, 17 July 2023 19:49 PM UTC
How would it work using something other than Ghostscript?

I have an example app that saves Datawindow data to PostScript and then runs the Ghostscript exe. I'm guessing it would be similar?

https://www.topwizprogramming.com/freecode_ghostscript.html

  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.
We use cookies which are necessary for the proper functioning of our websites. We also use cookies to analyze our traffic, improve your experience and provide social media features. If you continue to use this site, you consent to our use of cookies.