[slime-cvs] CVS update: slime/NEWS
Luke Gorrie
lgorrie at common-lisp.net
Wed Jun 30 22:17:53 UTC 2004
Update of /project/slime/cvsroot/slime
In directory common-lisp.net:/tmp/cvs-serv22602
Modified Files:
NEWS
Log Message:
Added security note about the TCP server.
Added notes for ACL and ABCL.
Date: Wed Jun 30 15:17:53 2004
Author: lgorrie
Index: slime/NEWS
diff -u slime/NEWS:1.3 slime/NEWS:1.4
--- slime/NEWS:1.3 Tue Jun 29 23:59:04 2004
+++ slime/NEWS Wed Jun 30 15:17:53 2004
@@ -1,6 +1,6 @@
* SLIME News -*- outline -*-
-* 1.0 alpha-1 (June 2004)
+* 1.0 alpha (June 2004)
This preview release of SLIME is a precursor for an upcoming 1.0
release. We're planning to use our "alpha period" to introduce SLIME
@@ -14,6 +14,13 @@
change something please try to get your patch applied before the end
of July.
+Security note: SLIME has Lisp open a one-use TCP listen socket for
+Emacs to connect to for setting up communication. With all Lisps
+except CLISP and ABCL this socket is bound to the loopback interface
+and thus inaccessible to remote hosts. Be aware that if an attacker
+connected to this server port before Emacs then he could have the Lisp
+process execute arbitrary code.
+
** Supported Lisp implementations
Below is a list of the Lisp implementations that we support and their
@@ -82,6 +89,10 @@
*** Allegro CL
+We support Allegro Common Lisp version 5.0 and higher. The support is
+quite complete, though it hasn't yet been used as heavily as the Lisps
+listed above.
+
*** CLISP
We support CLISP version 2.32 or newer. You'll need a version with
@@ -94,4 +105,7 @@
directory as the source file.
*** Armed Bear Common Lisp
+
+We have new and experimental support for the latest CVS version of
+ABCL.
More information about the slime-cvs
mailing list