[IPython-dev] [ANN] Security release notebook-4.0.5, ipython-3.2.2
benjaminrk at gmail.com
Thu Sep 24 09:57:20 EDT 2015
(resent because of ipython-dev mailing list trouble)
We’ve just pushed a security release of notebook-4.0.5 and IPython-3.2.2,
fixing two vulnerabilities associated with maliciously crafted files.
- malicious filenames can execute code: CVE-2015-6938
- attempting to edit malicious text files with invalid encoding can
result in execution CVE-2015-7337
Thanks to Juan Broullón, Jonathan Kamens, and Scott Sanderson for the
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the IPython-dev