Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps - Status | Demo | Docs | Install
  1. Cloudron Forum
  2. Paperless-ngx
  3. out of date Ghostscript in Paperless-NGX

out of date Ghostscript in Paperless-NGX

Scheduled Pinned Locked Moved Paperless-ngx
3 Posts 2 Posters 1.6k Views 2 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • scookeS Offline
    scookeS Offline
    scooke
    wrote on last edited by
    #1

    HI,
    I'm processing a bunch of PDFs at in the logs there is this message

    The installed version of Ghostscript 9.55.0, contains a remote code execution security vulnerability. Please upgrade to a newer version. For details see CVE-2023-43115. The issue is not known to affect OCRmyPDF or processing PDFs with Ghostscript, but upgrading Ghostscript is recommended.
Dec 30 21:38:12[2023-12-30 20:38:12,849] [INFO] [ocrmypdf._pipelines.ocr] Start processing 12 pages concurrently

    However, I thought I saw in the updates for this app that Ghostscript was updated to 10.x.x. Is this needing to be fixed? Thanks!

    A life lived in fear is a life half-lived

    1 Reply Last reply
    1
    • girishG Offline
      girishG Offline
      girish
      Staff
      wrote on last edited by
      #2

      They don't seem o have made their way into Ubuntu atleast. I could also not figure where this error message is coming from. Cannot find it any code repo.

      Even Ubuntu 23.10 only has older gs. Probably not important.

      $ gs --version
10.01.2
      1 Reply Last reply
      0
      • girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #3

        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43115 is the CVE and also appears in security advisory in https://www.ghostscript.com/

        1 Reply Last reply
        0

        Hello! It looks like you're interested in this conversation, but you don't have an account yet.

        Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

        With your input, this post could be even better 💗

        Register Login
        Reply
        • Reply as topic
        Log in to reply
        • Oldest to Newest
        • Newest to Oldest
        • Most Votes

        • Login
        • Don't have an account? Register
        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Bookmarks
        • Search