News

21-Nov-2013

This is a maintenance release that fixes a serious bug in the built-in HTTP server. It was discovered that the handle_request() routine did not properly perform input sanitization which led into a number of security vulnerabilities.

An unauthenticated, remote attacker could exploit this flaw to execute arbitrary commands on the remote host.

All users still using older versions are advised to upgrade to this version, which resolves this issue.