hi I have (hopefully) fixed the bug 334055 that is a security alert.
This is the proposed update for sarge : http://tonelli.sns.it/pub/mennucc1/zope/debian/sarge-security/zope2.7_2.7.5-2sec1_source.changes This is the proposed update for etch : http://tonelli.sns.it/pub/mennucc1/zope/debian/etch-security/zope2.7_2.7.5-3sec1_source.changes This is the patch that I applied : http://tonelli.sns.it/pub/mennucc1/zope/debian/sarge-security/zope-hotfix_2005-10-09-sarge.diff Note that my patch is much smaller than the original hotfix : http://tonelli.sns.it/pub/mennucc1/zope/debian/sarge-security/zope-hotfix_2005-10-09-upstream.diff which included also some new features such as nl and ca languages - - but usually we do not add new features in Debian when releasing security upgrades. Unfortunately all the above is source-only : I do not have here available a clean pure Sarge or Etch build environment. Can I upload a source-only in stable-security and testing-security ? I have made available a binary version: I compiled the etch source (and I am happily running it), it is available at http://tonelli.sns.it/pub/mennucc1/zope/debian/tmp/zope2.7_2.7.5-3sec1_i386.deb but it was compiled on my PC that is a mixture of sarge and etch, so it may miswork both in sarge and in etch :-( . I would also appreciate if someone who understands what 334055 is about would compile and test my fix to see if it works. a. -- Andrea Mennucc "Ukn ow,Ifina llyfixe dmysp acebar.ohwh atthef"
signature.asc
Description: Digital signature
