-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Overview
Zope Corporation has released a Zope hotfix product addressing a potential vulnerability discovered during a recent security audit of Zope 2.7 and 2.8. Affected Versions The hotfix affects versions 2.7.5 and earlier of Zope on the 2.7 release line, as well as versions 2.8a1 and 2.8a2 on the upcoming 2.8 release line. The vulnerability will be resolved in versions 2.7.6 and 2.8b1. We recommend that any site which permits untrusted users to write PythonScripts apply this hotfix, and upgrade to a fixed version of Zope as it becomes available. Further Information Please see the "product README", http://www.zope.org/Products/Zope/Hotfix-2005-04-05/Hotfix-20050405/README.txt for details on the vulnerability, and for instructions on installing the hotfix. Downloading the Hotfix - "Unix tarball", http://www.zope.org/Products/Zope/Hotfix-2005-04-05/Hotfix-20050405/Hotfix_20050405.tar.gz - "Windows ZIP archive", http://www.zope.org/Products/Zope/Hotfix-2005-04-05/Hotfix-20050405/Hotfix_20050405.zip Apologies for the earlier typoed URLs. Tres Seaver. - -- =============================================================== Tres Seaver [EMAIL PROTECTED] Zope Corporation "Zope Dealers" http://www.zope.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCUtIhGqWXf00rNCgRAitxAJ9Vualp5LLSrMQb1T799UWKa1UJoQCgmCJ2 EqH0Sj4RN0V8o1ldX6C1g90= =1lBU -----END PGP SIGNATURE----- _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
