1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
<!--START EDITING HERE-->
<h1>Recent Changes in Ghostscript</h1>
<!-- [1.0 end visible header] ============================================== -->
<!-- [2.0 begin contents] ================================================== -->
<h2><a name="Version10.07.0"></a>Version 10.07.0 (2026-03-16)</h2>
<p> Highlights in this release include:
<ul>
</li>
<li>
<p>The 10.07.0 release is a maintenance release:
</li>
<li>
<p>This release addresses CVEs: TBC (Two applied for)
</li>
<li>
<p>The wider adoption of "C99" and later features has reached the point
where we must ease our policy on this area. The Ghostscript/GhostPDL codebase will
remain "C89" plus widely supported extensions but, as of the 10.08.0
release, our included third party libraries will will be permitted to use
"C99" and potentially later features.
</li>
<li>
<p>The 10.07.0 removes the non-standard operator ".tempfile", and removes the "temp" directory
from the default file permission lists. By default, such access is now only available internally, not from
"user level" PostScript
</li>
<li>
<p>Our efforts in code hygiene and maintainability continue.
</li>
<li>
<p>The usual round of bug fixes, compatibility changes, and incremental improvements.
</li>
</ul>
<p>For a list of open issues, or to report problems,
please visit <a href="http://bugs.ghostscript.com/">bugs.ghostscript.com</a>.
<h3><a name="10.07.0_Incompatible_changes"></a>Incompatible changes</h3>
<h4>Included below are incompatible changes from recent releases (the
specific release in question is listed in parentheses). We include these,
for now, as we are aware that not everyone upgrades with every release.</h4>
<ul>
<li>
<p>The 10.07.0 removes the non-standard operator ".tempfile", and removes the "temp" directory
from the default file permission lists. By default, such access is now only available internally, not from
"user level" PostScript
</li>
<li>
<p><b>IMPORTANT:</b> (10.04.0) we added protection for device selection from PostScript input. This will mean that, by default,
only the device specified on the command line will be permitted. Similar to the file permissions, there will be a
"--permit-devices=" allowing a comma separation list of allowed devices. This will also take a single wildcard
"*" allowing any device.
<p>Any application which relies on allowing PostScript to change devices during a job will have to be aware, and take action
to deal with this change.
<p>The exception is "nulldevice", switching to that requires no special action.
</li>
<li>
<p>(10.03.1) Almost all the "internal" PostScript procedures defined
during the interpreter startup are now "executeonly", further reducing
the attack surface of the interpreter.
<p>The nature of these procedures means there should be no impact for legitimate
usage, but it is possible it will impact uses which abuse the previous accessibility
(even for legitimate reasons). Such cases may now require "DELAYBIND",
See <a href="https://ghostscript.readthedocs.io/en/latest/Use.html#ddelaybind">DELAYBIND</a>
</li>
<li>
<p>(10.03.1) The "makeimagedevice" non-standard operator has been removed. It allowed
low level access to the graphics library in a way that was, essentially impossible to secure.
</li>
<li>
<p>(10.03.1) The "putdeviceprops", "getdeviceprops", "finddevice",
"copydevice", "findprotodevice" non-standard operators have all been removed.
They provided functionality that is either accessible through standard operators, or should not
be used by user PostScript.
</li>
<li>
<p>(10.03.1) The process of "tidying" the PostScript namespace should have removed
only non-standard and undocumented operators. Nevertheless, it is possible that
any integrations or utilities that rely on those non-standard and undocumented
operators may stop working or may change behaviour.
<p>If you encounter such a case, please contact us (<a href="https://discord.gg/H9GXKwyPvY">Discord<a>,
<a href="https://web.libera.chat/#ghostscript">#ghostscript IRC channel</a>,
or the gs-devel mailing list would be best), and we'll work with you to either find an
alternative solution or return the previous functionality, if there is genuinely no other
option.
</li>
<li>
<p>(9.55.0) Changes to the <code>device API</code>. This will affect developers and maintainers of
Ghostscript devices. Firstly, and most importantly, the way device-specific "procs" are specified has
been rewritten to make it (we think!) clearer and less confusing. See
<a href="https://ghostscript.readthedocs.io/Drivers.htm">The Interface between Ghostscript and Device Drivers</a> and
<a href="https://www.notion.so/artifexsoftware/The-Great-Device-Rework-Of-2021-94092fe1395d4a088b91462f0ca5038a">The Great Device Rework Of 2021</a>
for more details.
</li>
<li>
<p>(9.55.0) The command line options <code>-sGraphicsICCProfile=___</code>, <code>-dGraphicsIntent=#</code>, <code>-dGraphicsBlackPt=#</code>,
<code>-dGraphicsKPreserve=#</code> have been changed to <code>-sVectorICCProfile=___</code>, <code>-dVectorIntent=#</code>, <code>-dVectorBlackPt=#</code>,
<code>-dVectorKPreserve=#</code>.
</li>
<li>
<p>(9.53.0) As of 9.53.0, we have (re-)introduced the patch level to the version number,
this helps facilitate a revised policy on handling security-related issues.
<p><strong>Note for GSView Users: </strong>The patch level addition breaks GSView 5 (it is
hardcoded to check for versions <code>704-999</code>. It is possible, but not guaranteed that
a GSView update might be forthcoming to resolve this.
</li>
<li>
<p>(9.52) <code>-dALLOWPSTRANSPARENCY</code>: The transparency compositor (and related
features), whilst we are improving it, remains sensitive to being driven correctly, and
incorrect use can have unexpected/undefined results. Hence, as part of improving security,
we limited access to these operators, originally using the <code>-dSAFER</code> feature.
As we made "SAFER" the default mode, that became unacceptable, hence the new option
<code>-dALLOWPSTRANSPARENCY</code> which enables access to the operators.
</li>
<li>
<p>(9.50) There are a couple of subtle incompatibilities between the old and new SAFER
implementations. Firstly, as mentioned in the 9.50 release notes, SAFER now leaves
standard PostScript functionality unchanged (except for the file access limitations).
Secondly, the interaction with <code>save</code>/<code>restore</code> operations
has changed. See <a href="https://ghostscript.readthedocs.io/Use.htm#Safer">SAFER</a>.
<p><strong>Important Note for Windows Users</strong>:
<br>
The file/path pattern matching is case-sensitive, even on Windows. This is a
change in behaviour compared to the old code which, on Windows, was case
<i>in</i>sensitive. This is in recognition of changes in Windows behaviour,
in that it now supports (although does not enforce) case sensitivity.
</li>
</ul>
<h3><a name="10.07.0_changelog"></a>Changelog</h3>
<p>From 9.55.0 onwards, in recognition of how unwieldy very large HTML files can become
(History9.html had reached 8.1Mb!), we intend to only include the summary highlights (above).
<p>For anyone wanting the full details of the changes in
a release, we ask them to look at the history in our public git repository:
<a href="https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/log/?h=gs10.07.0">ghostpdl-10.07.0</a> log.
<p>If this change does not draw negative feedback, History?.htm file(s) will be removed from the release archives.
<!-- [2.0 end contents] ==================================================== -->
<!-- [3.0 begin visible trailer] =========================================== -->
<hr>
<p>
<small>Copyright © 2005-2026 Artifex Software, Inc.
All rights reserved.</small>
<p>
This software is provided AS-IS with no warranty, either express or
implied.
This software is distributed under license and may not be copied, modified
or distributed except as expressly authorized under the terms of that
license. Refer to licensing information at <a href="https://www.artifex.com">https://www.artifex.com</a>
or contact Artifex Software, Inc., 39 Mesa Street, Suite 108A, San Francisco, CA 94129, USA,
<p>
<small>Ghostscript version 10.07.0, 16 March 2026
<!-- [3.0 end visible trailer] ============================================= -->
<!--FINISH EDITING HERE-->
|
