We just release a few hours a ago a new minor version of IPython. Please upgrade your IPython notebook installation to 3.2 as soon as possible. There are important security patches in this release. Users are strongly encouraged to upgrade immediately.
- A security improvement that sets the secure attribute of the login cookie to prevent them from being sent over http
- Revert the face color of matplotlib axes in the inline backend to not be transparent
- Enable mathjax safe mode by default
- Fix XSS vulnerability in JSON error messages
- Various widget-related fixes
You can get the latest via pip using
pip install --upgrade ipython[notebook]. Use
conda update ipython if you are using Anaconda.
A CVE has been requested for the XSS vulnerability on the OSS Security mailing list http://permalink.gmane.org/gmane.comp.security.oss.general/17131
 CVE are tracked under numbers CVE-2015-4706 and CVE-2015-4707 [/edit]
Thank you to Ahmad Khan of IBM for reporting the XSS vulnerability and Jason Grout for setting MathJax safe mode.