The Zope authors have released a new hotfix that addresses a
vulnerability with ZClasses. A user with through-the-web scripting
capabilities on a Zope site can view and assign class attributes to
ZClasses, possibly allowing them to make inappropriate changes to
This hotfix also fixes problems in the ObjectManager,
PropertyManager, and PropertySheet classes related to mutability of
method return values which could be perceived as a security
It is recommended that all Zope users upgrade this software.
Users of Conectiva Linux version 6.0 or higher may use apt to
perform upgrades of RPM packages:
- add the following line to /etc/apt/sources.list if it is not
(you may also use linuxconf to do this):
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.