[SECURITY] Windows is no longer officially supported

unread,

Apr 23, 2018, 4:40:03 PM4/23/18

to Mojolicious

Quick heads up for everyone. Please try to avoid using Windows servers in production

with Mojolicious, there may be serious security issues.

--

sebastian

unread,

Apr 23, 2018, 4:53:30 PM4/23/18

to Mojolicious

Background here is that we've been made aware of a possibly very serious security

issue, and had to make it public in the hopes of finding a volunteer to verify and fix

it for us.

Unfortunately the expertise on the core team is currently very much focused on

UNIX. We will try to address this in the future, but that will take time.

--

sebastian

unread,

Apr 24, 2018, 12:10:35 PM4/24/18

to Mojolicious

Quick update, the secuity issue has been confirmed. We do have a path

traversal vulnerability on Windows and there is no known fix yet. So, please

make sure not to use Windows!

--

sebastian

Reply all

Reply to author

Forward