[ZWeb] Zope.org feedback: Security issue

Shane Hathaway shane@zope.com
Thu, 20 Jun 2002 15:12:54 -0400


Rami (via www.zope.org) wrote:
> Hello.
> Is the new "HTTP Server chunk encoding heap overflow" a risk to the Zope server as well. Or is it specific to "Apache"? 
> For more info: 
> http://securityresponse.symantec.com/avcenter/security/Content/2049.html

It does not affect Zope.  It's specific to Apache, though a lot of sites 
run Apache in front of Zope, so those sites will need to upgrade.

Shane