I first apologize for cross posting, but this is a critical issue for my organization.

We have several applications built with Plone, ranging from v 2.0.5 to v 2.5.3 and Zope, ranging from 2.7.3 to 2.9.7. With the August 2008 release of a Python security vulnerability (http://secunia.com/advisories/31305/), we are trying to determine how this affects our web applications and how to mitigate and detect any attacks. We have seen no discussion among the Zope and Plone communities regarding this security threat. Is this an indication that Zope and Plone are immune from these exploits due to the additional security model it puts in place or is everyone simply waiting for Python to release a patch?

Any advice or guidance on this issue is greatly appreciated.

Stacy Ladnier, Senior Software Engineer

General Dynamics Information Technology/NOAA
National Coastal Data Development Center
Phone:  (228) 688-1878

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to