Version 4.1.2p2 of Hobbit has just been uploaded to SourceForge, and is available at http://sourceforge.net/project/showfiles.php?group_id=128058&package_id=140220&release_id=436594 This release fixes a security bug reported by Jason Kruse earlier today: File access via the Hobbit "config" method failed to restrict access to the Hobbit configuration directory. It is therefore possible for anyone with access to the Hobbit network daemon on port 1984 to read any file on the Hobbit server which is readable by the user running the hobbitd daemon. This problem affects all versions of Hobbit 4.0 and 4.1. Users are encouraged to update their Hobbit installation, or restrict network access to Hobbit network daemon (e.g. by implementing firewall rules restricting access to TCP port 1984). This version also includes all non-security patches that have been published since the release of version 4.1.2p1 in November 2005. Regards, Henrik Storner