[Zope-Annce] ANN: Debian Zope security release (2.1.6-5)
Gregor Hoffleit
gregor@hoffleit.de
Sat, 17 Jun 2000 00:00:06 +0200
--7JfCtLOvnd9MIVvH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
I have prepared a security release of the Zope 2.1.6 Debian package
in order to fix the DTML vulnerability in Zope reported yesterday
(cf. http://yyy.zope.org/Products/Zope/Hotfix_06_16_2000/security_alert),
The new package is currently in Debian's incoming queue. The temporary URL
is
http://incoming.debian.org/zope_2.1.6-5_i386.deb
Hopefully it will be moved into potato and woody by the release manager RSN.
Please read the security alert mentioned above and consider upgrading your
site to 2.1.6-5.
The package fixes the possible exploit by including the Hotfix_06_16_2000
product. If you install 2.1.6-5, you don't need to install the Hotfix nor
apply DT_String.py.diff nor do you need to upgrade to 2.1.7.
Gregor Hoffleit <flight@debian.org>
--7JfCtLOvnd9MIVvH
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5SqNl3eVfDf25G40RAlyDAKC1S4yEwT2LtcDCvskm2txQJoQKbwCeK/2U
srYzuRB83xT+1V3KJUncjKo=
=YiW5
-----END PGP SIGNATURE-----
--7JfCtLOvnd9MIVvH--