18 Dec
2000
18 Dec
'00
4:03 p.m.
On Mon, Dec 18, 2000 at 10:30:56AM -0500, Brian Lloyd wrote:
The hotfix will work for all versions of Zope 2.2.0 and higher. A future version of Zope will contain the fix for this issue, and you will be able to uninstall the hot fix after upgrading.
This seems to imply that 2.1.6 is vulnerable as well, but that this Hotfix won't work, and that no fix exists. Is that correct, or is the fix simply not tested with 2.1.6 ?
Gregor
Sorry - 2.1.6 _is_ vulnerable, and the Hotfix will work for 2.1.6. I'll update that README.
Thanks! Gregor