The latest official version 1.9.1 of this open source 3D printer slicing software OrcaSlicer In addition to several bug fixes, it brings with it an important security improvement.
The development team has updated OrcaSlicer to prevent sensitive information such as printer hostnames and API keys from being included in generated G-Code files. Previously, these connection details were provided with the OctoPrint and Moonraker systems, posing potential security risks when sharing files over the Internet. It is possible that attackers could have exploited this information to gain unauthorized access to printers with public IP addresses.
The update now removes this risk completely. However, the developers emphasize that the risk only exists for users whose printers can be accessed directly over the Internet. When using local IP addresses (eg 192.168.xx) or network names, the risks are minimal. However, the team recommends that all users whose printers are publicly accessible update their API keys in OctoPrint, Moonraker, or similar services as a precaution. The vulnerability was identified and reported by Gina Häußge of OctoPrint.
3MF project files and Bambu Lab printers are not affected by the vulnerability.
In addition to fixing the security issue, version 1.9.1 contains other bug fixes. Issues with rollback, acceleration, and vibration restriction in PA style calibration have been resolved. Additionally, display issues with AMD Vega GPUs have been addressed and errors in autoplay and other rotation-related operations have been corrected.
Don't miss any other news!
We deliver the most important news and information on the topic of 3D printing to your inbox every week for free. Log in here. We are there too LinkedIn To exist. You can us Follow here!
“Total coffee aficionado. Travel buff. Music ninja. Bacon nerd. Beeraholic.”
More Stories
Warning at Pepco: a large-scale recall campaign due to dangerous products – Vorarlberg –
Leadership questionnaire and Tuesday meeting
Mini Countryman: Outdoes itself