Support Announcements

Log4j Vulnerability Notice:

We have reviewed our implementation of 3rd party jars that ship with both our VirtualViewer and RasterMaster products. We have confirmed that log4j.jar is included as a dependency of ghost4j.jar which itself is a dependency of tess4j-4.5.2.jar. We make use of tess4j-4.5.2.jar for our OCR functionality.

Is Your Product Impacted?

The vulnerability only exists in log4j 1.X if configured to use the JMSAppender. The default builds of VirtualViewer® and RasterMaster® are only unsafe if the JMSAppender is added.

Remediation Steps:

If you need to use JMS Appender, or prefer log4j completely be eliminated from the Snowbound product, delete these files:

1. For VirtualViewer: Navigate to [virtualviewer]/WEB-INF/lib           For RasterMaster: Navigate to [rastermaster]/lib
2. Delete ghost4j-1.0.1.jar
3. Delete log4j-1.2.17.jar

We are working on a permanent solution which we expect to release at the end of this month.

IMPORTANT: To request the updated build when the solution is available at the end of this month, please login to the support portal to log a case.

Discontinued Support:

  • As of November 2017, Snowbound has discontinued support for .NET Framework older than 4.5.2.
  • Snowbound has discontinued support for JRE 1.5x and older.
  • As of 6/11/15, Snowbound discontinued support for Windows 2003 server.
  • For a full list of what we support, click here.