17 Apr
2008
17 Apr
'08
3:29 p.m.
* Madhu [2008-04-14 07:39+0200] writes:
SWANK-LOADER::SLIME-VERSION-STRING calls READ on the first form of the ChangeLog file without binding *READ-EVAL* to NIL, which is a potential security hole. This minor patch fixes that, to avoid future dire advisories...
We even load user-init files. Isn't that a much more severe security hole?