Hello! Could you please also comment on JQuery and nginx ( outdated versions ) for 7.0.0.0 ( Ultimaker S5 ). We are also have complains from our IT department due to firmware vulnerabilities. Will it be updated in the next patch? Thank you!
Edited by esertuk
@esertuk Just like @CarloK said above none of our printers are using the configuration option that allows for that particular exploit, so we are not rushing to include a new version. Nor are we currently aware of any CVE for nginx that we do expose our users to since all require specific configurations we don't use). We do asses security concerns on an ongoing basis, I imagine you could contact support and request our latest security assessment documentation.
I think the Jquery CVE's concerning XSS are a valid concern (albeit with the low impact of at worst (re-)starting a print, not retrieval of information AFAIK).
The S3 and the S5 have the option to enable the firewall, you can still use the cloud platform if you do but none of the software running on the printer is exposed to attackers on your internal network. This should alleviate any concerns from your IT department.
Edit: Adding up-sell, FTW? 😛
If your organization subscribes to Ultimaker Essentials your IT department can block access to the printer settings by configuring a pin code and enable the firewall on all printers remotely.
// Now I feel dirty, you can just enable the firewall and tell everyone to leave it on.
adding the up-sell
-
Our picks
-
Here it is. The new UltiMaker S7
MariMakes posted a topic in Official news,
The UltiMaker S7 is built on the success of the UltiMaker S5 and its design decisions were heavily based on feedback from customers.
So what’s new?
The obvious change is the S7’s height. It now includes an integrated Air Manager. This filters the exhaust air of every print and also improves build temperature stability. To further enclose the build chamber the S7 only has one magnetically latched door.
The build stack has also been completely redesigned. A PEI-coated flexible steel build plate makes a big difference to productivity. Not only do you not need tools to pop a printed part off. But we also don’t recommend using or adhesion structures for UltiMaker materials (except PC, because...it’s PC). Along with that, 4 pins and 25 magnets make it easy to replace the flex plate perfectly – even with one hand.
The re-engineered print head has an inductive sensor which reduces noise when probing the build plate. This effectively makes it much harder to not achieve a perfect first layer, improving overall print success. We also reversed the front fan direction (fewer plastic hairs, less maintenance), made the print core door magnets stronger, and add a sensor that helps avoid flooding.
The UltiMaker S7 also includes quality of life improvements:
Reliable bed tilt compensation (no more thumbscrews) 2.4 and 5 GHz Wi-Fi A 1080p camera (mounted higher for a better view) Compatibility with 280+ Marketplace materials Compatibility with S5 project files (no reslicing needed) And a whole lot more
Curious to see the S7 in action?
We’re hosting a free tech demo on February 7.
It will be live and you can ask any questions to our CTO, Miguel Calvo.
Register here for the Webinar-
-
- 10 replies
.thumb.jpeg.0b7a05eafc09add17b8338efde5852e9.jpeg)
Picked By
MariMakes, -
-
.png.e7a3560300dbb24c6ece29a701a84b73.png)
Cura 5.3 Alpha With New Tree Support 🎄
MariMakes posted a topic in Ultimaker Cura,
Are you a fan of tree support, but dislike the removal process and the amount of filament it uses? Then we would like to invite you to try this special release of UltiMaker Cura. Brought to you by our special community contributor @thomasrahm
We generated a special version of Cura 5.2 called 5.3.0 Alpha + Xmas. The only changes we introduced compared to UltiMaker Cura 5.2.1 are those which are needed for the new supports. So keep in mind, this is not a sneak peek for Cura 5.3 (there are some really cool new features coming up) but a spotlight release highlighting this new version of tree supports.-
-
- 16 replies
Picked By
MariMakes, -
-
New here? Get ahead with a free onboarding course
SandervG posted a topic in Official news,
Hi,
Often getting started is the most difficult part of any process. A good start sets you up for success and saves you time and energy that could be spent elsewhere. That is why we have a onboarding course ready for
Ultimaker S5 Pro Bundle, Ultimaker S5, Ultimaker S3 Ultimaker 2+ Connect.
They're ready for you on the Ultimaker Academy platform. All you need to do to gain access is to register your product to gain free access.
Ready? Register your product here in just 60 seconds.-
-
- 14 replies
Picked By
SandervG, -
-
.thumb.jpeg.0b7a05eafc09add17b8338efde5852e9.jpeg)
.png.e7a3560300dbb24c6ece29a701a84b73.png)
Recommended Posts
CarloK 190
@noverby Thanks for bringing this to our attention. We checked the vulnerability and it's only applicable when a certain configuration option in nginx is active. In our UM3 printers that option is not present, so this CVE is not applicable.
I'll make a note to update nginx in a next release, but because it has no impact on our printers we won't rush a new release.
Link to post
Share on other sites
noverby 0
Thanks @CarloK!
Link to post
Share on other sites