[Zope-Checkins] CVS: Zope/doc - CHANGES.txt:1.535.2.161
Tres Seaver
tseaver at zope.com
Thu Jan 8 16:03:06 EST 2004
Update of /cvs-repository/Zope/doc
In directory cvs.zope.org:/tmp/cvs-serv6197/doc
Modified Files:
Tag: Zope-2_6-branch
CHANGES.txt
Log Message:
- The ZTUtils SimpleTree decompressed tree state data from the
request without checking for final size, which could allow for
certain types of DoS attacks.
=== Zope/doc/CHANGES.txt 1.535.2.160 => 1.535.2.161 ===
--- Zope/doc/CHANGES.txt:1.535.2.160 Thu Jan 8 15:58:18 2004
+++ Zope/doc/CHANGES.txt Thu Jan 8 16:02:35 2004
@@ -8,6 +8,10 @@
Bugs Fixed
+ - The ZTUtils SimpleTree decompressed tree state data from the
+ request without checking for final size, which could allow for
+ certain types of DoS attacks.
+
- Inadequate security assertions on administrative "find" methods
could potentially be abused.
More information about the Zope-Checkins
mailing list