Dear all, The Open Preservation Foundation is releasing an update to veraPDF 1.26. This patched release <https://openpreservation.org/news/verapdf-1-26-5-patch-released/?q=3> addresses a potential vulnerability when running custom Schematron profiles. veraPDF is an open-source, industry-supported PDF/A and PDF/UA validator and part of the OPF reference toolset. This release comprises a single fix: - Set secure parameter for XSLT transformation To learn more about the new fixes and features, read the release notes <https://github.com/veraPDF/veraPDF-library/releases/tag/v1.26.5>. To read more about the vulnerability, read the advisory CVE-2024-52800 <https://github.com/veraPDF/veraPDF-library/security/advisories/GHSA-4cx5-89vm-833x> . Download veraPDF 1.26.5 <https://software.verapdf.org/releases/verapdf-installer.zip> Subscribe <http://lists.verapdf.org/listinfo/users> to the veraPDF user mailing list. Best wishes, Helena -- Helena Watson (she/her), Marketing Officer Open Preservation Foundation (OPF) <https://openpreservation.org/> X <http://twitter.com/openpreserve> | GitHub <https://github.com/openpreserve/> | Mailing List <http://openpreservation.org/subscribe> Please note: I work part-time for OPF, please bear with me if I don't reply to your email right away. I may email you at a time that is convenient for me, but please don't feel the need to respond outside of your working hours. Discover the benefits of OPF membership <https://openpreservation.org/membership>Received on Fri Jan 10 2025 - 09:43:34 EST