[Zope-dev] RE: [Zope] Zope security alert and 2.2 information
Paul Everitt
Paul@digicool.com
Tue, 9 May 2000 18:58:29 -0400
Hello everybody. For what it's worth, I just had a call with Brian
Behlendorf (from the Apache Group) about the web-wide aspect in the
second issue. He says it is somewhat related to common client side
issues, but the involvement of redirect and malicious foreign forms is a
deeper wrinkle he hasn't seen before.
I would say "patches accepted", but in this case, I'll change it to
"prozac accepted".
--Paul
> -----Original Message-----
> From: Brian Lloyd [mailto:Brian@digicool.com]
> Sent: Tuesday, May 09, 2000 5:19 PM
> To: 'zope@zope.org'; 'zope-dev@zope.org'
> Subject: [Zope] Zope security alert and 2.2 information
>
>
> Hello all -
>
> We have recently become aware of two important security issues
> that managers of Zope sites need to be aware of. Please see the
> overview at:
>
> http://www.zope.org/Members/jim/ZopeSecurity/TrojanIssueOverview
>
> for further details.
>
>
>
> Brian Lloyd brian@digicool.com
> Software Engineer 540.371.6909
> Digital Creations http://www.digicool.com
>
>
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )
>