[Zope] Script (Python) insecure ?
Tres Seaver
tseaver at palladion.com
Tue Aug 12 12:04:49 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Garito wrote:
> The same question again and again
>
> As a Zope user I prefer to know as soon as possible if Zope has security
> problems like those
>
> Perhaps the correct way will be to send the problem to the zope people and 2
> weeks later then make it public
>
> I think 2 weeks is a very correct period to solve a problem if not, I want
> to try to solve the problem for myself
>
> But I shout my mouth, sorry Andreas ;)
>
> 2008/8/12 Andreas Jung <lists at zopyx.com>
>
>> *sigh*
>>
>> I wished that both exploits were reported to the Zope bugtracker in order
>> to work on solutions before making the exploits public.
Right: we would just like time to investigate the problem so that we
can announce the problem and the workaround / hotfix / new releases
simultaneously. Two weeks would be longer than I would expect that
process to take.
Tres.
- --
===================================================================
Tres Seaver +1 540-429-0999 tseaver at palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIobSh+gerLs4ltQ4RAor1AJ94e+J6HcSYQbYTNM0x+FhGHiUxygCeMk5N
De3Ub0slW6p+DKJh3dRG+a8=
=pA6g
-----END PGP SIGNATURE-----
More information about the Zope
mailing list