Notebook releases 5.7.3 & 5.7.4

[Thomas Kluyver]

Jupyter Notebook has had a couple more minor releases. 5.7.3 made some security improvements:

1. Jupyter now launches your browser by opening an HTML file which redirects to the server with the authentication token. This eliminates a window of time in which another logged-in user could see the authentication token in command line arguments and authenticate with it before the real user. Thanks to Dr. Owain Kenway for suggesting this technique.

2. Bootstrap is upgraded from 3.3 to 3.4, which includes a fix for an XSS vulnerability. We haven't investigated how this vulnerability might affect Jupyter.

After releasing 5.7.3, we found that the newly written HTML files for point 1 cause a problem for 'jupyter notebook list'. 5.7.4 fixes this.

You can upgrade now with pip:

  pip install --upgrade notebook

Or conda (from conda-forge);

  conda update notebook