---

BeOpen.com: Security Update for Zope

[ Thanks to BeOpen
for this link. ]

“We have recently become aware of an important security issue
that affects all released Zope versions including the recent 2.2
beta 1 release.”

The issue involves an inadequately protected method in one
of the base classes in the DocumentTemplate package that could
allow the contents of DTMLDocuments or DTMLMethods to be changed
remotely or through DTML code without forcing proper user
authorization.

“A hotfix for this issue in the form of an add-on Zope product
has been made available on zope.org. To install the hotfix, simply
download and install the package as you would any other Zope add-on
product (extract it in the root of your Zope installation).
Remember to restart your Zope installation for the hotfix to take
effect.”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis