The latest version of the Clojure programming language comes with a new security issue.
In the past, a malicious website could compromise an entire company by uploading a file that allowed the malicious site to send commands to its web server.
Now, a hacker could exploit this weakness and exploit an entire enterprise to access a website’s internal files.
In a blog post published this week, the Clojure team said that they have been monitoring the issue and are working on a fix.
A number of other issues also surfaced, including an unpatched vulnerability in Google’s Java runtime, and a Java SE security vulnerability.
But the Clojure security team pointed out that there were no other flaws in the software that were exploited in the attack.
That is because the vulnerabilities are not specific to Clojure but are present in the Java environment, which makes it harder to fix.
It’s not clear whether the Java vulnerabilities will be patched by Google.
Google’s response to the breach was to release a new version of Java that is much more robust.
“The Java platform team is aware of a potential issue with the latest version (10.0) of Java which could result in a denial of service,” Google said in a statement to Ars Technic.
“We are actively investigating this issue and will provide updates if necessary.”
Ars Technics analysis of the vulnerability also suggests that Google’s fix is not a complete fix.
“There are many more potential ways that attackers could exploit a similar issue to the one reported in this report,” Ars Technictimes senior security writer Jeff Schneier wrote.
“I think the best bet is for Google to push out a fix that addresses the Java vulnerability as soon as possible, and Google has not yet responded to Ars’ request for comment on the matter.
It is possible that Google could also make changes to its own Java code to address the issue.
Or Google could patch Java and offer users an alternative Java implementation.
Either way, the risk of an exploit is much higher when you are relying on the Java runtime.
“With Java 8 now shipping, Google is now more secure.” “
It’s a huge win for Google and Google’s customers,” said Ben Golub, director of threat intelligence for Symantec.
“With Java 8 now shipping, Google is now more secure.”
This article has been updated to include a statement from Google.