Debian Essential And Critical Security Patch Updates - Page 295

Find the information you need for your favorite open source distribution .

Debian: New Version of zope released


On versions of Zope prior to 2.2.1 it was possible for a user with theability to edit DTML to gain unauthorized access to extra roles during arequest. A fix was previously announced in the Debian zope package2.1.6-5.1, but that package did not fully address the issue and has beensuperseded by this announcement.

Debian: ntop vulnerability


Using ntop to distribute network traffic through the network, it is possible to access arbitrary files on the local filesystem. Since ntop runs as root uid, guess what that means, even /etc/shadow got unsecured.