Package: zope-cmfplone Version: 2.0.4-3sarge1 Severity: important Tags: security
[possibly this should be higher priority] A new version of plone has been released, which fixes link-spamming attacks in older versions. This is causing quite a serious problem on the site I administer. A backport of the fix to plone 2.0.x has been released, and should be made available to debian users as a matter of urgency. http://plone.org/news/plone-2.5.1-and-2.1.4-released has the details. Thanks, Matthew -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.2.19 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages zope-cmfplone depends on: ii debconf [debconf-2.0] 1.4.30.13 Debian configuration management sy ii python 2.3.5-2 An interactive high-level object-o ii zope-btreefolder2 1.0.1-5 Zope folder that can efficiently c ii zope-cmf1.4 1.4.7-4 zope content management framework ii zope-cmfactionicons 1:0.9-2 Actions and icons add-on for Zope ii zope-cmfcalendar1.4 1.4.7-4 zope cmf calendar, 1.4 branch ii zope-cmfcore1.4 1.4.7-4 zope cmf core services, 1.4 branch ii zope-cmfdefault1.4 1.4.7-4 zope cmf default (basic) content, ii zope-cmfformcontroller 1.0.3-3 zope form validation for cmf and p ii zope-cmfquickinstallertool 1.5.0-2 zope add-on to easy install cmf/pl ii zope-cmftopic1.4 1.4.7-4 zope cmf topic, 1.4 branch ii zope-dcworkflow 1.4.7-4 fully customizable workflow for cm ii zope-formulator 1.7.0-5 A tool to create and validate web ii zope-groupuserfolder 3.1.1-3 zope add-on that provides user fla ii zope-plonetranslations 0.6-2 translation files for plone 2.0 ii zope2.7 [zope] 2.7.5-2sarge3 Open Source Web Application Server -- debconf information: * zope-cmfplone/initial-instance: zope-cmfplone/oldproduct_in_var: do nothing zope-cmfplone/upgrade-from-initial-rc2: zope-cmfplone/migration: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]