We recently discovered a serious security vulnerability in the Racket
web server, which can lead to unintended disclosure of files on the
machine running the web server. This vulnerability is fixed in Racket
version 6.4, just released, and we encourage people to upgrade to that
version.
The vulner
Racket version 6.4 is now available from
http://racket-lang.org/
- We fixed a security vulnerability in the web server. The existing
web server is vulnerable to a navigation attack if it is also
enabled to serve files statically; that is, any file readable by
the web server is accessi
2 matches
Mail list logo
