[plug] Linux-Mandrake Security Update: Zope update

Sun, 06 Aug 2000 21:32:46 -0700 

Hello PLUGgers! :-)
________________________________________________________________________

                Linux-Mandrake Security Update Advisory
________________________________________________________________________

Package name:           Zope
Affected versions:      7.1
________________________________________________________________________

Problem Description:

Previous versions of Zope have a serious security flaw in one of the base classes in 
the DocumentTemplate package that is inadequately protected.  This flaw allows the 
contents of DHTML Documents or DHTML Methods to be changed remotely or through DHTML 
code without forcing proper user authorization.
________________________________________________________________________

Please verify these md5 checksums of the updates prior to upgrading to ensure the 
integrity of the downloaded package.  You can do this by running the md5sum program on 
the downloaded package by using "md5sum package.rpm".

Linux-Mandrake 7.1:
ad28fb2fb4f0105639a641a7acc98821
  7.1/RPMS/Zope-2.1.6-1mdk.i586.rpm
e2b8fd281a2e93cbf5221bcfd3aff65b
  7.1/RPMS/Zope-components-2.1.6-1mdk.i586.rpm
ea50788d6f88abc99bfabb190f2ab3ce
  7.1/RPMS/Zope-core-2.1.6-1mdk.i586.rpm
95b993149c1c97fe7c9e9d53e4923f31
  7.1/RPMS/Zope-pcgi-2.1.6-1mdk.i586.rpm
e74684a03fc61784bfdaec2887e82064
  7.1/RPMS/Zope-services-2.1.6-1mdk.i586.rpm
1cae17ae5ffe776a073255ce4cec9661
  7.1/RPMS/Zope-zpublisher-2.1.6-1mdk.i586.rpm
7fa38fbf43c8b08a26c4694a0a93857a
  7.1/RPMS/Zope-zserver-2.1.6-1mdk.i586.rpm
983471606b95bd60c9d8a5e00e53d90b
  7.1/RPMS/Zope-ztemplates-2.1.6-1mdk.i586.rpm
33b2e53429e3b6f588b9fdfb1ab5dc95
  7.1/SRPMS/Zope-2.1.6-1mdk.src.rpm
________________________________________________________________________

To upgrade automatically, use � MandrakeUpdate �.  

If you want to upgrade manually, download the updated package from one of our FTP 
server mirrors and uprade with "rpm -Uvh package_name".  

You can download the updates directly from:
  ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates
  ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake/updates

Or try one of the other mirrors listed at:

  http://www.linux-mandrake.com/en/ftp.php3.  

Updated packages are available in the "updates/[ver]/RPMS/" directory.  For example, 
if you are looking for an updated RPM package for Linux-Mandrake 7.1, look for it in 
"updates/7.1/RPMS/".  Updated source RPMs are available as well, but you generally do 
not need to download them.

Please be aware that sometimes it takes the mirrors a few hours to update, so if you 
want an immediate upgrade, please use one of the two above-listed mirrors.

You can view other security advisories for Linux-Mandrake at:

  http://www.linux-mandrake.com/en/fupdates.php3

If you want to report vulnerabilities, please contact

  [EMAIL PROTECTED]


Marvin Pascual
926-5562
929-7676 local 614
-
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]

Reply via email to