Andrew Kuchling wrote:
>
> On Fri, Dec 08, 2000 at 03:48:52PM -0500, Brian Lloyd wrote:
> > The hotfix will work for all versions of Zope 2.2.0 and higher. A
> > future version of Zope will contain the fix for this
> > issue, and you will be able to uninstall the hot fix after upgrading.
>
> A slight modification to the patch makes it work (meaning, "run
> without raising an exception") on Zope 2.1.6; patch below. Can
> someone at DC confirm that this patched version fixes the problem for
> 2.1.x and doesn't break anything else? (If you want to privately send
> me an exploit, that would be quite helpful.)
AFAICT 2.1.6 is not vulnerable.
Shane
_______________________________________________
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )