[Zope] Serious security problem with Zope 2
Jim Fulton
jim at zope.com
Wed Jul 5 17:53:28 EDT 2006
We have recently discovered that there are (still) very serious security
problems with the integration of reStructured Text (docutils) into
Zope 2.
We have prepared a hot fix for this problem:
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/
See:
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/
README.txt
for installation instructions.
It is important to install this hotfix as soon as possible.
This fix will disable the reStructuredText 'raw' directive.
Much thanks goes to Tres Seaver for analyzing the problem and
developing the hotfix!
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope
mailing list