Re: [racket-users] Racket Package Server Security Vulnerabilities

2015-09-24 Thread Michael Wilber
(sorry Sam, forgot to Cc list)

Thank you for disclosing these vulnerabilities! Responsible disclosure helps everyone.

Sam Tobin-Hochstadt writes:
> * Check any packages you have uploaded to the site, to ensure that no
> unexpected changes have been made to them.

Is package signing on Racket's r

[racket-users] Racket Package Server Security Vulnerabilities

2015-09-21 Thread Sam Tobin-Hochstadt
Recently, we discovered several security vulnerabilities with how both the Racket package catalog server and the Racket package client work. The vulnerabilities have now all been fixed, and we do not know of any exploitation of them. However, we encourage you to take the following steps:

* Change