[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ANN: Debian Zope security release (2.1.6-5)

I have prepared a security release of the Zope 2.1.6 Debian package
in order to fix the DTML vulnerability in Zope reported yesterday
(cf. http://yyy.zope.org/Products/Zope/Hotfix_06_16_2000/security_alert),

The new package is currently in Debian's incoming queue. The temporary URL

Hopefully it will be moved into potato and woody by the release manager RSN.

Please read the security alert mentioned above and consider upgrading your
site to 2.1.6-5.

The package fixes the possible exploit by including the Hotfix_06_16_2000
product. If you install 2.1.6-5, you don't need to install the Hotfix nor
apply DT_String.py.diff nor do you need to upgrade to 2.1.7.

    Gregor Hoffleit <flight@debian.org>

Attachment: pgpzbpfgY5nOl.pgp
Description: PGP signature

Reply to: