Linux Security
    Linux Security
    Linux Security

    Debian: zope vulnerability

    Date 11 Aug 2000
    3400
    Posted By LinuxSecurity Advisories
    On versions of Zope prior to 2.2beta1 it was possible for a user with theability to edit DTML can gain unauthorized access to extra roles during arequest.
    -----BEGIN PGP SIGNED MESSAGE-----
    
    - ------------------------------------------------------------------------
    Debian Security Advisory                             This email address is being protected from spambots. You need JavaScript enabled to view it. 
    https://www.debian.org/security/                            Michael Stone
    August 11, 2000
    - ------------------------------------------------------------------------
    
    Package: zope
    Vulnerability type: remote unprivileged access
    Debian-specific: no
    
    On versions of Zope prior to 2.2beta1 it was possible for a user with the
    ability to edit DTML can gain unauthorized access to extra roles during a
    request. 
    
    Debian 2.1 (slink) did not include zope, and is not vulnerable. The widely-used
    Debian 2.2 (potato) pre-release does include zope and is vulnerable to this
    issue. A fixed package for Debian 2.2 (potato) is available in zope 2.1.6-5.1.
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    
    Debian GNU/Linux 2.1 alias slink
    - --------------------------------
    
      This version of Debian did not include zope and is not vulnerable.
    
    
    
    Debian GNU/Linux 2.2 alias potato
    - ---------------------------------
    
      Source archives:
         https://security.debian.org/dists/frozen/updates/main/source/zope_2.1.6-5.1.diff.gz
          MD5 checksum: c75d6ccc953227214aa8cdcdc720c38a
         https://security.debian.org/dists/frozen/updates/main/source/zope_2.1.6-5.1.dsc
          MD5 checksum: 8332bcfbadc37bbe32e2a64d3b41300f
         https://security.debian.org/dists/frozen/updates/main/source/zope_2.1.6.orig.tar.gz
          MD5 checksum: 6ec4320afd6925c24f9f1b5cd7c4d7c5
      Alpha architecture:
         https://security.debian.org/dists/frozen/updates/main/binary-alpha/zope_2.1.6-5.1_alpha.deb
          MD5 checksum: f3432b908238de8b2fef2d8f10dd82ae
      Arm architecture:
         https://security.debian.org/dists/frozen/updates/main/binary-arm/zope_2.1.6-5.1_arm.deb
          MD5 checksum: 59bb35f4ac17bf1aa6c37d76a624f3c7
      Intel ia32 architecture:
         https://security.debian.org/dists/frozen/updates/main/binary-i386/zope_2.1.6-5.1_i386.deb
          MD5 checksum: 4716213c3986dd0e871a33acc8576c66
      Motorola 680x0 architecture:
        Will be available shortly
      PowerPC architecture:
         https://security.debian.org/dists/frozen/updates/main/binary-powerpc/zope_2.1.6-5.1_powerpc.deb
          MD5 checksum: 1345120dcca3a253b099b6d42ffc9f4b
      Sun Sparc architecture:
         https://security.debian.org/dists/frozen/updates/main/binary-sparc/zope_2.1.6-5.1_sparc.deb
          MD5 checksum: ed818435e7b672521d364a3c044a4043
    
    
    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.3ia
    Charset: noconv
    
    iQCVAwUBOZSaiw0hVr09l8FJAQG2nwP9HYCgsfMOrTBrRQeUzjbsXXuneUpOrzAZ
    8kOLGczsIFWo7n3CDtCMjmgrXVfuF6zSq4XS9afJahLrdwfJWdXjhMXb7SHQ71ZU
    J/2OHoZdGVR2HizEKY8M3wpWw+BnJMUaLomv2LkgqaO5K2zJ2zNgLKIlHCrYHjIP
    cRtS6qszYqw=
    =ZzS9
    -----END PGP SIGNATURE-----
    

    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/45-i-agree-with-linus-torvalds-apple-s-new-m1-powered-laptops-should-run-on-linux?task=poll.vote&format=json
    45
    radio
    [{"id":"158","title":"True","votes":"11","type":"x","order":"1","pct":10.68,"resources":[]},{"id":"159","title":"False","votes":"92","type":"x","order":"2","pct":89.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.