[Zope] (Security) Hotfix_20050405 Released

Tres Seaver tseaver at zope.com
Tue Apr 5 13:32:54 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Overview

  Zope Corporation has released a Zope hotfix product addressing a
  potential vulnerability discovered during a recent security audit
  of Zope 2.7 and 2.8.

Affected Versions

  The hotfix affects versions 2.7.5 and earlier of Zope on the 2.7
  release line, as well as versions 2.8a1 and 2.8a2 on the upcoming 2.8
  release line.  The vulnerability will be resolved in versions 2.7.6
  and 2.8b1.  We recommend that any site which permits untrusted users
  to write PythonScripts apply this hotfix, and upgrade to a fixed
  version of Zope as it becomes available.

Further Information

  Please see the "product README",
http://www.zope.org/Products/Zope/Hotfix-2005-04-05/Hotfix-200405/README.txt
  for details on the vulnerability, and for instructions on installing
  the hotfix.

Downloading the Hotfix

  - "Unix tarball",
http://www.zope.org/Products/Zope/Hotfix-2005-04-05/Hotfix-200405/Hotfix_20050405.tar.gz

  - "Windows ZIP archive",
http://www.zope.org/Products/Zope/Hotfix-2005-04-05/Hotfix-200405/Hotfix_20050405.zip


Tres Seaver.
- --
===============================================================
Tres Seaver                                tseaver at zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCUsvGGqWXf00rNCgRAt3qAJ42sH4BIPP9+S1g+ZnpwS9YopcggQCfYnvw
hXfT3SOxuL1y1adv5zmv3v8=
=smRT
-----END PGP SIGNATURE-----


More information about the Zope mailing list