[IPython-dev] [ANN] Security release notebook-4.0.5, ipython-3.2.2

MinRK benjaminrk at gmail.com
Thu Sep 24 09:57:20 EDT 2015

(resent because of ipython-dev mailing list trouble)

We’ve just pushed a security release of notebook-4.0.5 and IPython-3.2.2,
fixing two vulnerabilities associated with maliciously crafted files.

   - malicious filenames can execute code: CVE-2015-6938
   - attempting to edit malicious text files with invalid encoding can
   result in execution CVE-2015-7337

Thanks to Juan Broullón, Jonathan Kamens, and Scott Sanderson for the

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ipython-dev/attachments/20150924/337b2bf9/attachment.html>

More information about the IPython-dev mailing list