----- Forwarded message from [EMAIL PROTECTED] ----- > From: [EMAIL PROTECTED] > Reply-To: [EMAIL PROTECTED] > Date: Fri, 11 Aug 2000 15:39:00 -0400 > To: [EMAIL PROTECTED] > Subject: [RHSA-2000:052-02] Zope update > > --------------------------------------------------------------------- > Red Hat, Inc. Security Advisory > > Synopsis: Zope update > Advisory ID: RHSA-2000:052-02 > Issue date: 2000-08-11 > Updated on: 2000-08-11 > Product: Red Hat Powertools > Keywords: Zope > Cross references: N/A > --------------------------------------------------------------------- > > 1. Topic: > > Vulnerabilities exist with all Zope-2.0 releases. > > 2. Relevant releases/architectures: > > Red Hat Powertools 6.1 - noarch > Red Hat Powertools 6.2 - noarch > > 3. Problem description: > > This HotFix corrects issues in the getRoles method of user objects > contained in the default UserFolder implementation. Users with the ability > to edit DTML could arrange to give themselves extra roles for the duration > of a single request by mutating the roles list as a part of the request > processing. > > 4. Solution: > > Users of Red Hat Powertools 6.1 who have not upgraded Zope to the version > of Zope released in Red Hat Powertools 6.2 (2.1.2-5) need to do so prior to > installing this Zope update. The Zope packages from 6.2 are located at: > > ftp://ftp.redhat.com/pub/redhat/powertools/6.2/ > > After you have upgraded to Zope-2.1.2-5 install the Zope-Hotfix package. To > install the update, use this command: > > rpm -Uvh Zope-Hotfix-DTML-08_09_2000-1.noarch.rpm > > Once the Zope-Hotfix package is installed, restart Zope. > > 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): > > N/A > > 6. RPMs required: > > Red Hat Powertools 6.2: > > noarch: > >ftp://updates.redhat.com/powertools/6.2/noarch/Zope-Hotfix-DTML-08_09_2000-1.noarch.rpm > > sources: > ftp://updates.redhat.com/powertools/6.2/SRPMS/Zope-Hotfix-DTML-08_09_2000-1.src.rpm > > 7. Verification: > > MD5 sum Package Name > -------------------------------------------------------------------------- > d008c975cec06c552172659ffb14a3a1 6.2/SRPMS/Zope-Hotfix-DTML-08_09_2000-1.src.rpm > 61e9f5fed71cbb784f2e1352cb98fb1a 6.2/noarch/Zope-Hotfix-DTML-08_09_2000-1.noarch.rpm > > These packages are GPG signed by Red Hat, Inc. for security. Our key > is available at: > http://www.redhat.com/corp/contact.html > > You can verify each package with the following command: > rpm --checksig <filename> > > If you only wish to verify that each package has not been corrupted or > tampered with, examine only the md5sum with the following command: > rpm --checksig --nogpg <filename> > > 8. References: > > http://www.zope.org/Products/Zope/Hotfix_08_09_2000/security_alert > > > Copyright(c) 2000 Red Hat, Inc. > > ----- End forwarded message ----- -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
