Debian 2.2: DSA-007-1 Critical: Zope Data Protection Issue
debian
December 20, 2000
A busy week for the Zope team: on Monday another security alert wasreleased revealing a potential problem found by Peter Kelly.
Topics Covered
Summary
Package : zope
Problem type : insufficient protection
Debian-specific: no
A busy week for the Zope team: on Monday another security alert was
released revealing a potential problem found by Peter Kelly. This
problem involved incorrect protection of data updating for Image and
File objects: any user with DTML editing privileges could update the
File or Image object data directly.
This has been fixed in version 2.1.6-5.4 by including the 2000-12-19
hotfix, and we recommend that you upgrade your zope package immediately.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.2 alias potato
Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Source archives:
MD5 checksum: 85351d9b245c11f4ed7d95d26342f8f0
MD5 checksum: c1e9b237ec2efa4a94a83e260c4dd550
MD5 checksum: 6ec4320afd6925c24f9f1b5cd7c4d7c5
Alpha architecture:
MD5 checksum: 28f2b7e5a8d4a90587f38d1d62469d9b
...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!