November 2024

NEW • Last updated 29 de nov. de 2024

• Fix for critical vulnerability in PostgreSQL for the NDD Print MF Epson module

• Fix for critical vulnerability in PostgreSQL for the NDD Print MF HP module

• .NET Core 8.0 compatibility update for NDD Print 360 Server

Fix for critical vulnerability in PostgreSQL for the NDD Print MF Epson module

Description

A critical vulnerability was identified in PostgreSQL, as described in CVE-2024-10978, which impacted the versions used by the NDD Print MF Epson component. This vulnerability posed a significant risk to the integrity and security of the data stored and processed by the system.

To mitigate this threat, PostgreSQL was updated to a corrected version, eliminating the associated risks.

Update details

• Previous (vulnerable) version: PostgreSQL 16.3-2

• New version (patched): PostgreSQL 16.6-1

The update to the patched version was applied to ensure the security and reliability of the NDD Print MF Epson component, avoiding potential exploits of the identified vulnerability.

Impact

• Module affected: NDD Print MF Epson with version lower than 5.7.1.

• Risk mitigated: Risks related to data integrity and possible unauthorized access that could compromise sensitive information.

Actions

• In environments using version 5.5.1 or higher, we recommend updating to version 5.7.1 of NDD Print MF Epson.

Fix for critical vulnerability in PostgreSQL for the NDD Print MF HP module

Description

A critical vulnerability was identified in PostgreSQL, as described in CVE-2024-10978, which impacted the versions used by the NDD Print MF HP component. This vulnerability posed a significant risk to the integrity and security of the data stored and processed by the system.

To mitigate this threat, PostgreSQL was updated to a corrected version, eliminating the associated risks.

Update details

• Previous (vulnerable) version: PostgreSQL 16.3-2

• New version (patched): PostgreSQL 16.6-1

The update to the patched version was applied to ensure the security and reliability of the NDD Print MF HP component, avoiding potential exploits of the identified vulnerability.

Impact

• Module affected: NDD Print MF HP with version lower than 5.27.1.

• Risk mitigated: Risks related to data integrity and possible unauthorized access that could compromise sensitive information.

Actions

• In environments using version 5.25.10 or higher, we recommend updating to version 5.27.1 of NDD Print MF HP.

.NET Core 8.0 compatibility update for NDD Print 360 Server

Description

NDD Print 360 Server has been updated to be compatible with Microsoft .NET Core 8.0. This update aims to mitigate vulnerabilities associated with discontinued versions and improve the security of the system, bringing it into line with cybersecurity best practices.

Approved version

• Runtime used: http://asp.net/ Core 8.0.11.

Impact

This update guarantees greater protection against vulnerabilities already known in discontinued versions of .NET Core, as well as offering performance and reliability improvements.

Warning

• No immediate action is required.

• Upgrading NDD Print 360 Server to version 5.65.10 in your environment is recommended only if you identify a specific need to migrate to the new version of .NET Core.

If you have any questions or would like additional support, please contact our support team at suportenddprint@ndd.tech.