ASA-202107-39 log generated external raw

[ASA-202107-39] racket: sandbox escape
Arch Linux Security Advisory ASA-202107-39 ========================================== Severity: Medium Date : 2021-07-20 CVE-ID : CVE-2021-32773 Package : racket Type : sandbox escape Remote : Yes Link : Summary ======= The package racket before version 8.2-1 is vulnerable to sandbox escape. Resolution ========== Upgrade to 8.2-1. # pacman -Syu "racket>=8.2-1" The problem has been fixed upstream in version 8.2. Workaround ========== None. Description =========== In Racket versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow system functions to be controlled by the attacker, giving access to facilities intended to be restricted. Impact ====== Code executed in the Racket sandbox could escape its confinement through attacker-created modules. References ==========