Zope and security vulnerability: 20121106
Hi, is a standard Zope affected by this security vulnerability or only if Plone is installed: http://plone.org/products/plone/security/advisories/20121106-announcement The patch is replacing some basic classes therefore it looks to me that Zope itself without any Plone is vulnerable too. If so is there a Hotfix for Zope or new Zope version which fixes these bugs? Ciao Marcus
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You can just apply the Plone hotfix for Zope only installations. The Plone patches are not applied then. Johannes On 11/11/2012 06:32 PM, Marcus Schopen wrote:
Hi,
is a standard Zope affected by this security vulnerability or only if Plone is installed:
http://plone.org/products/plone/security/advisories/20121106-announcement
The patch is replacing some basic classes therefore it looks to me that Zope itself without any Plone is vulnerable too. If so is there a Hotfix for Zope or new Zope version which fixes these bugs?
Ciao Marcus
_______________________________________________ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
- -- programmatic web development di(fh) johannes raggam / thet python plone zope development mail: office@programmatic.pro web: http://programmatic.pro http://bluedynamics.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCf+YkACgkQW4mNMQxDgAfzewCg5VPyH+ADX/75eSBDxxy1BEWK RaQAoIXSX+Mj8J+yrWd4KD6HKglDQHtu =cxZJ -----END PGP SIGNATURE-----
participants (2)
-
johannes raggam -
Marcus Schopen