25 Oct
2011
25 Oct
'11
11:28 a.m.
On 24 October 2011 22:54, Tres Seaver <tseaver@palladion.com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On behalf of the Zope security response team, I would like to announce the availability of a hotfix for a vulnerability inadvertently published earlier today.
'Products.Zope_Hotfix_20111024' README ======================================
Overview - --------
This hotfix addresses a serious vulnerability in the Zope2 application server. Affected versions of Zope2 include:
- - 2.12.x <= 2.12.20
- - 2.13.x <= 2.13.6
Older releases (2.11.x, 2.10.x, etc.) are not vulnerable.
Can you confirm whether or not Zope 2.13.6 through 2.13.10 are affected? Laurence