Installed zope 2.1.4-1 (source i386)
Installed:
zope_2.1.4-1_i386.deb
to dists/potato/main/binary-i386/web/zope_2.1.4-1.deb
replacing zope_2.1.3-1.deb
zope_2.1.4-1_i386.deb
to dists/woody/main/binary-i386/web/zope_2.1.4-1.deb
replacing zope_2.1.3-1.deb
zope_2.1.4.orig.tar.gz
to dists/potato/main/source/web/zope_2.1.4.orig.tar.gz
replacing zope_2.1.3.orig.tar.gz
zope_2.1.4.orig.tar.gz
to dists/woody/main/source/web/zope_2.1.4.orig.tar.gz
replacing zope_2.1.3.orig.tar.gz
zope_2.1.4-1.diff.gz
to dists/potato/main/source/web/zope_2.1.4-1.diff.gz
replacing zope_2.1.3-1.diff.gz
zope_2.1.4-1.diff.gz
to dists/woody/main/source/web/zope_2.1.4-1.diff.gz
replacing zope_2.1.3-1.diff.gz
zope_2.1.4-1.dsc
to dists/potato/main/source/web/zope_2.1.4-1.dsc
replacing zope_2.1.3-1.dsc
zope_2.1.4-1.dsc
to dists/woody/main/source/web/zope_2.1.4-1.dsc
replacing zope_2.1.3-1.dsc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.6
Date: Fri, 11 Feb 2000 11:46:29 +0100
Source: zope
Binary: zope
Architecture: source i386
Version: 2.1.4-1
Distribution: frozen unstable
Urgency: high
Maintainer: Gregor Hoffleit <flight@debian.org>
Description:
zope - The Z Object Publishing Environment
Changes:
zope (2.1.4-1) frozen unstable; urgency=high
.
* New upstream release, which is only a security bug fix release:
.
- Removed the "feature" that allowed the REQUEST object to be traversed
through the web. While useful for debugging, this could be a security
issue.
.
There's only this single (four lines) change compared with 2.1.3-1.
Therefore, the package can go into frozen.
.
If you made use of this feature, it's still possible to use it with
2.1.4: "Simply make a DTML Method in your root folder called 'DEBUG'
(or something similar) containing the line: <dtml-var REQUEST>
and set its permissions so that only Managers can view it."
Files:
8fc7861d5fc89e2c38bb0f8c006aadea 548 web optional zope_2.1.4-1.dsc
1260517dbf159869c594d3ba464fff9a 1340984 web optional zope_2.1.4.orig.tar.gz
e69ff48ad505211c95e49172db7264ef 21485 web optional zope_2.1.4-1.diff.gz
574d9f14a0dc3bc364de97e09483359e 1122138 web optional zope_2.1.4-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE4o+ty3eVfDf25G40RAidHAKCWKDWjcVL/Eqw0y/vc7bJjdkzBcwCgz3iv
p/5v7NkWloChUBO4+BLqGRQ=
=Yx/z
-----END PGP SIGNATURE-----
Reply to: