[Zope] Hotfix kills my Zope -- (ANNOUNCE: cgi.py vulnerability hotfix for Zope...)
Ron Bickers
rbickers-dated-996702039.a7dad0@logicetc.com
Wed, 25 Jul 2001 17:40:38 -0400
This hotfix kills my Zope no matter what URL I try to visit.
Error Type: TypeError
Error Value: object is not callable: None
<!--
Traceback (innermost last):
File /usr/local/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 223, in
publish_module
File /usr/local/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 187, in
publish
File /usr/local/zope-2.4.0/lib/python/Zope/__init__.py, line 226, in
zpublisher_exception_hook
(Object: ApplicationDefaultPermissions)
File /usr/local/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 136, in
publish
File /usr/local/zope-2.4.0/lib/python/ZPublisher/HTTPRequest.py, line 405,
in processInputs
File /var/tmp/python-2.1-root/usr/lib/python2.1/cgi.py, line 449, in
__init__
TypeError: (see above)
-->
_______________________
Ron Bickers
Logic Etc, Inc.
> -----Original Message-----
> From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Brian
> Lloyd
> Sent: Wednesday, July 25, 2001 4:37 PM
> To: zope-announce@zope.org; zope@zope.org
> Subject: [Zope] ANNOUNCE: cgi.py vulnerability hotfix for Zope...
>
>
> This hotfix addresses a potential denial-of-service vulnerability
> in applications that use the Python cgi module (cgi.py) for parsing
> of "multipart" Web form data (Zope uses this functionality internally).