SECURITY:
"A security vulnerability in the `racket/sandbox` library and Typed
Racket allowed malicious Typed Racket code to escape the sandbox.
This vulnerability has been fixed in Racket version 6.9. Anyone using
`racket/sandbox` to execute untrustworthy code with access to Typed
Racket should upgrade to version 6.9 immediately.
While this known vulnerability has been eliminated, it is possible that
similar errors in other installed collections could also be exploited,
although we are not currently aware of any existing vulnerabilities. We
recommend that if you use the Racket sandbox to execute untrustworthy
Racket code, you should also employ additional operating system or
virtual machine level protections. The documentation for `racket/sandbox`
has been updated to list recommended security practices for using the
library."
https://download.racket-lang.org/v6.9.html
Racket is a multi-paradigm programming language in the Lisp/Scheme
family, that also serves as a platform for language creation, design,
and implementation.
The primary components of Racket platform are:
- The implementation of Racket (including a rich run-time system,
various libraries, JIT compiler, and more).
- pkg.racket-lang.org, Racket's web-based package distribution system
for user-contributed packages.
- raco, command line tool for finding documentation, compiling Racket
source to bytecode, packaging executables, packaging installable
archives, and installing packages from remote servers.
