---------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT ---------------------------------------------------------------------- PACKAGE: zope SUMMARY : Security problems in DocumentTemplate DATE : 2000-06-16 AFFECTED CONECTIVA VERSIONS : 4.2, 5.0 DESCRIPTION The issue involves an inadequately protected method in one of the base classes in the DocumentTemplate package that could allow the contents of +DTMLDocuments or DTMLMethods to be changed remotely or through DTML code without forcing proper user authorization. SOLUTION All users must upgrade to the 2.1.7 Zope version. DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/i386/Zope-2.1.7-1cl.i386.rpm ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/i386/Zope-components-2.1.7-1cl.i386.rpm ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/i386/Zope-core-2.1.7-1cl.i386.rpm ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/i386/Zope-pcgi-2.1.7-1cl.i386.rpm ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/i386/Zope-services-2.1.7-1cl.i386.rpm ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/i386/Zope-zpublisher-2.1.7-1cl.i386.rpm ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/i386/Zope-ztemplates-2.1.7-1cl.i386.rpm DIRECT LINK TO THE SOURCE PACKAGE ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/blahblahblah.src.rpm ---------------------------------------------------------------------- All packages are signed with Conectiva's PGP key. The key can be obtained at http://www.conectiva.com.br/conectiva/contato.html ---------------------------------------------------------------------- subscribe: [EMAIL PROTECTED] unsubscribe: [EMAIL PROTECTED] -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
