We have recently discovered that there are (still) very serious security
problems with the integration of reStructured Text (docutils) into
Zope 2.

We have prepared a hot fix for this problem:

  http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/

See:
http://www.zope.org/Products/Zope/Hotfix-2006-07-05/Hotfix-20060705/ README.txt
for installation instructions.

It is important to install this hotfix as soon as possible.

This fix will disable the reStructuredText 'raw' directive.

Much thanks goes to Tres Seaver for analyzing the problem and developing the hotfix!

Jim

--
Jim Fulton                      mailto:[EMAIL PROTECTED]                Python 
Powered!
CTO                             (540) 361-1714                  
http://www.python.org
Zope Corporation        http://www.zope.com             http://www.zope.org



_______________________________________________
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to