Security hole - please upgrade to 0.9.4

A security hole has been identified in all versions of lxr from 0.7 to 0.9.3. This affects anyone using file-based access to versions (ie using a different directory for each version of the software), and can lead to arbitrary files being read on the webserver.

Please upgrade to 0.9.4 as soon as possible to fix this problem.

Posted by Malcolm Box 2013-01-02

Log in to post a comment.