This is a companion discussion topic for the original entry at https://blog.rstudio.com/2021/01/13/shiny-server-1-5-16-update
Important Security Notice
A vulnerability was discovered in Shiny Server that could allow the download of published application source code directly from the server. This issue affects both Shiny Server Pro and the open source Shiny Server product.
We recommend upgrading to the new version immediately. If this is not possible, please contact support@rstudio.com who will supply an interim fix that can be applied to the configuration.
Release Notes
In addition to the important security patch described above, the following items have been addressed in this release:
- Fixed an issue where a failure in a certain phase of R process launching would result in a broken process being treated as a normal process, and repeatedly used to (unsuccessfully) serve new clients.
- In accordance with the RStudio Platform Support strategy, this release drops support for RedHat/CentOS 6.
- Upgrades Node.js to 12.20.0.
Review the full Shiny Server Pro Release Notes.
Upgrade Instructions
Shiny Server Pro
To perform an upgrade, download the newer package and install it using your package manager. Existing configuration settings are respected. Instructions are available for the following operating systems:
Please contact our Support Team if you encounter any issues with the upgrade process.
Shiny Server Open Source
To upgrade open source Shiny Server, download the newer package and install it using your package manager. Existing configuration settings are respected. Instructions are available for the following operating systems:
