Long-Term Support of ParaView

Since ParaView 5.13 is out (release notes here), Kitware is proud to announce the Long-Term Support (LTS) of the previous versions of ParaView: 5.10.2-LTS, 5.11.2-LTS and 5.12.1-LTS.

ParaView for Production Environments

ParaView is widely used in research and industry. Using it in a production environment comes with several challenges. There could be long deployment cycles due to validation needs of the tooling, heavy compliance process to certify production software or extensive checks to detect feature regressions when it comes to specific domain usages. This is especially relevant when users have developed a custom application based on ParaView.

Not updating software in a production environment may lower security and reduce the stability of the systems. It may lead to serious data loss and security breach exploits like unauthorized access to classified data, applications, networks or devices.

Up to now, when critical bugs or security issues are detected, ParaView users had to use the latest version to get the patches. Some advanced users were able to backport some patches to their production version, but this is unfortunately a minority as it requires advanced software development skills.

To help reduce the risk of using an outdated version of ParaView in a production environment, Kitware now provides special branches and dedicated git tags of the ParaView code for this purpose. This branch contains critical bug fixes backported to the previous versions. Common Vulnerabilities and Exposures (CVE) security patches are also included with dedicated testing and quality assurance. The branches are maintained for 3 years following the release date of the next version.

As a reference, the current 5.10.2-LTS version contains more than 240 bugs patched and 1 CVE fixes, 5.11.2-LTS more than 115 bugs patched, and 5.12.1-LTS about 37 bugs patched. The last status is available here: https://www.kitware.eu/paraview-lts-status/ 

The amount of work to monitor critical bugs and CVEs, then to backport the relevant patches, is very significant. That’s why this branch is available for purchase only.

Is ParaView LTS for me?

If you check one or several of the boxes below, you should likely consider using ParaView LTS:

• ☑ I’m providing ParaView as a service to my users in my lab/enterprise/research center/…
• ☑ I’m running ParaView on a shared production environment, like an HPC environment
• ☑ My software should be certified by my compliance officer before being installed
• ☑ I’m stuck at ParaView version 5.x for various reasons (likely because I’ve customized it) and it’s time-consuming or impossible to update
• ☑ My customers can run ParaView as a service on my infrastructure, with potential security exposure

EU Cyber Resilience Act (CRA)

If you sell any product based on ParaView to European citizens you should be aware of the new European Union (EU) regulation Cyber Resilience Act, for improving cybersecurity and cyber resilience in the EU through common cybersecurity standards for products with digital elements in the EU, such as required incident reports and automatic security updates (Wikipedia Source).

It means that you will have to provide regular security updates for your products and using ParaView Long-Term Support is then mandatory. You’ll also have to activate the SPDX based Software Bill Of Materials (SBOM) generation to improve your software supply chain risk management.

Get Started with ParaView LTS

ParaView LTS is part of Kitware’s suite of ParaView Solutions and was created to help make ParaView more stable and secure for our users. To purchase ParaView LTS, please visit our website:

• Customers in the U.S. and Canada:  Get Started
• Customers in the EU and all other locations Get Started