Debian: 'zope' vulnerability

    Date20 Dec 2000
    CategoryDebian
    2694
    Posted ByLinuxSecurity Advisories
    A busy week for the Zope team: on Monday another security alert wasreleased revealing a potential problem found by Peter Kelly.
    
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-007-1                   This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                         Wichert Akkerman
    December 20, 2000
    - ------------------------------------------------------------------------
    
    
    Package        : zope
    Problem type   : insufficient protection
    Debian-specific: no
    
    A busy week for the Zope team: on Monday another security alert was
    released revealing a potential problem found by Peter Kelly. This
    problem involved incorrect protection of data updating for Image and
    File objects: any user with DTML editing privileges could update the
    File or Image object data directly.
    
    This has been fixed in version 2.1.6-5.4 by including the 2000-12-19
    hotfix, and we recommend that you upgrade your zope package immediately.
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    
    Debian GNU/Linux 2.2 alias potato
    - ---------------------------------
    
      Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
    
      Source archives:
         http://security.debian.org/dists/stable/updates/main/source/zope_2.1.6-5.4.diff.gz
          MD5 checksum: 85351d9b245c11f4ed7d95d26342f8f0
         http://security.debian.org/dists/stable/updates/main/source/zope_2.1.6-5.4.dsc
          MD5 checksum: c1e9b237ec2efa4a94a83e260c4dd550
         http://security.debian.org/dists/stable/updates/main/source/zope_2.1.6.orig.tar.gz
          MD5 checksum: 6ec4320afd6925c24f9f1b5cd7c4d7c5
    
      Alpha architecture:
         http://security.debian.org/dists/stable/updates/main/binary-alpha/zope_2.1.6-5.4_alpha.deb
          MD5 checksum: 28f2b7e5a8d4a90587f38d1d62469d9b
    
      ARM architecture:
         http://security.debian.org/dists/stable/updates/main/binary-arm/zope_2.1.6-5.4_arm.deb
          MD5 checksum: 8fa39ea6aee3f0359a4dc128815da423
    
      Intel ia32 architecture:
         http://security.debian.org/dists/stable/updates/main/binary-i386/zope_2.1.6-5.4_i386.deb
          MD5 checksum: 0107b0c7104d3cb97db6f9afc18e2005
    
      Motorola 680x0 architecture:
         http://security.debian.org/dists/stable/updates/main/binary-m68k/zope_2.1.6-5.4_m68k.deb
          MD5 checksum: f5f30733f030880ccb22e323f96d4628
    
      PowerPC architecture:
         http://security.debian.org/dists/stable/updates/main/binary-powerpc/zope_2.1.6-5.4_powerpc.deb
          MD5 checksum: 116fb690e9681f4b8a8ce499b578f422
    
      Sun Sparc architecture:
         http://security.debian.org/dists/stable/updates/main/binary-sparc/zope_2.1.6-5.4_sparc.deb
          MD5 checksum: c96083f72ff1a554b1f6f94a90405f25
    
      These files will be moved into
       ftp://ftp.debian.org/debian/dists/stable/*/binary-$arch/ soon.
    
    For not yet released architectures please refer to the appropriate
    directory  ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"40","type":"x","order":"1","pct":48.78,"resources":[]},{"id":"88","title":"Should be more technical","votes":"13","type":"x","order":"2","pct":15.85,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"29","type":"x","order":"3","pct":35.37,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.