Debian Security Advisory: new version of zope releasedAug 12, 2000, 00:55 (0 Talkback[s])
(Other stories by Michael Stone)
Date: Fri, 11 Aug 2000 20:30:47 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Debian Security Advisory email@example.com http://www.debian.org/security/ Michael Stone August 11, 2000
Package: zope Vulnerability type: remote unprivileged access Debian-specific: noOn versions of Zope prior to 2.2beta1 it was possible for a user with the ability to edit DTML can gain unauthorized access to extra roles during a request.
Debian 2.1 (slink) did not include zope, and is not vulnerable. The widely-used Debian 2.2 (potato) pre-release does include zope and is vulnerable to this issue. A fixed package for Debian 2.2 (potato) is available in zope 2.1.6-5.1.
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.Debian GNU/Linux 2.1 alias slink
This version of Debian did not include zope and is not vulnerable.
Debian GNU/Linux 2.2 alias potato
Intel ia32 architecture:
Motorola 680x0 architecture:
Sun Sparc architecture:
-----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBOZSaiw0hVr09l8FJAQG2nwP9HYCgsfMOrTBrRQeUzjbsXXuneUpOrzAZ 8kOLGczsIFWo7n3CDtCMjmgrXVfuF6zSq4XS9afJahLrdwfJWdXjhMXb7SHQ71ZU J/2OHoZdGVR2HizEKY8M3wpWw+BnJMUaLomv2LkgqaO5K2zJ2zNgLKIlHCrYHjIP cRtS6qszYqw= =ZzS9 -----END PGP SIGNATURE-----
0 Talkback[s] (click to add your comment)