----- Forwarded message from Linux Mandrake Security Team <[EMAIL PROTECTED]> ----- > From: Linux Mandrake Security Team <[EMAIL PROTECTED]> > Reply-To: Linux Mandrake Security Team <[EMAIL PROTECTED]> > User-Agent: Mutt/1.2.5i > Date: Wed, 16 Aug 2000 18:30:29 -0600 > To: [EMAIL PROTECTED] > Subject: MDKSA-2000:035 Zope update > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ________________________________________________________________________ > > Linux-Mandrake Security Update Advisory > ________________________________________________________________________ > > Package name: Zope > Date: August 16th, 2000 > Advisory ID: MDKSA-2000:035 > > Affected versions: 7.1 > ________________________________________________________________________ > > Problem Description: > > A problem exists in the Zope package with the getRoles method of user > objects contained in the default UserFolder implementation. Users with > the ability to edit DTML could arrange to give themselves extra roles > for the duration of a single request by mutating the roles list as a > part of the request process. > ________________________________________________________________________ > > Please verify these md5 checksums of the updates prior to upgrading to > ensure the integrity of the downloaded package. You can do this by > running the md5sum program on the downloaded package by using > "md5sum package.rpm". > > Linux-Mandrake 7.1: > fe4e1f82ed6167585ed6c6afb68e8cee > 7.1/RPMS/Zope-2.1.6-2mdk.i586.rpm > 7a429bb87e331e3e49a1d356c13c89e5 > 7.1/RPMS/Zope-components-2.1.6-2mdk.i586.rpm > abfc5fa12c632e5aed25685187f6013f > 7.1/RPMS/Zope-core-2.1.6-2mdk.i586.rpm > ebfc5919455ad30bd600dd927215de9d > 7.1/RPMS/Zope-pcgi-2.1.6-2mdk.i586.rpm > 0177a677584d246982b0b5a78e46156e > 7.1/RPMS/Zope-services-2.1.6-2mdk.i586.rpm > 0583790773b5b8da6cecf014e302f77f > 7.1/RPMS/Zope-zpublisher-2.1.6-2mdk.i586.rpm > 2634f0fc9acf486d0943261ba08e8331 > 7.1/RPMS/Zope-zserver-2.1.6-2mdk.i586.rpm > 215234484e1fde0a5f2f85d70e4048b0 > 7.1/RPMS/Zope-ztemplates-2.1.6-2mdk.i586.rpm > 4a8505637b762d1f03623924e386a908 > 7.1/SRPMS/Zope-2.1.6-2mdk.src.rpm > ________________________________________________________________________ > > To upgrade automatically, use � MandrakeUpdate �. > > If you want to upgrade manually, download the updated package from one > of our FTP server mirrors and uprade with "rpm -Uvh package_name". > > You can download the updates directly from: > ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates > ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake/updates > > Or try one of the other mirrors listed at: > > http://www.linux-mandrake.com/en/ftp.php3. > > Updated packages are available in the "updates/[ver]/RPMS/" directory. > For example, if you are looking for an updated RPM package for > Linux-Mandrake 7.1, look for it in "updates/7.1/RPMS/". Updated source > RPMs are available as well, but you generally do not need to download > them. > > Please be aware that sometimes it takes the mirrors a few hours to > update, so if you want an immediate upgrade, please use one of the two > above-listed mirrors. > > You can view other security advisories for Linux-Mandrake at: > > http://www.linux-mandrake.com/en/fupdates.php3 > > If you want to report vulnerabilities, please contact > > [EMAIL PROTECTED] > ________________________________________________________________________ > > Linux-Mandrake has two security-related mailing list services that > anyone can subscribe to: > > [EMAIL PROTECTED] > > Linux-Mandrake's security announcements mailing list. Only > announcements are sent to this list and it is read-only. > > [EMAIL PROTECTED] > > Linux-Mandrake's security discussion mailing list. This list is open > to anyone to discuss Linux-Mandrake security specifically and Linux > security in general. > > To subscribe to either list, send a message to > [EMAIL PROTECTED] > with "subscribe [listname]" in the body of the message. > > To remove yourself from either list, send a message to > [EMAIL PROTECTED] > with "unsubscribe [listname]" in the body of the message. > > To get more information on either list, send a message to > [EMAIL PROTECTED] > with "info [listname]" in the body of the message. > > Optionally, you can use the web interface to subscribe to or unsubscribe > from either list: > > http://www.linux-mandrake.com/en/flists.php3#security > ________________________________________________________________________ > > Type Bits/KeyID Date User ID > pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team > <[EMAIL PROTECTED]> > > > - -----BEGIN PGP PUBLIC KEY BLOCK----- > Version: GnuPG v1.0.1 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday > L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7 > WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo > P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl > hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx > PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg > 2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs > iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD > LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu > ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t > PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy > /NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulq5AQ0EOWnn > 7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ9F77 > 9FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzRxBXV > Jb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z269s > +A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN6SCX > Vl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZjTcl > 3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo0NAi > RYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJEJGX > lA== > =WxWn > - -----END PGP PUBLIC KEY BLOCK----- > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.1 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iD8DBQE5mvHGmqjQ0CJFipgRAnaRAJ4xynNL4fpRsj0fBhxU6w0q0hsMFACg3pSx > M9dURSjBGxdGgbEWM57J4JA= > =HEwZ > -----END PGP SIGNATURE----- > > ----- End forwarded message ----- -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
