--On 8. August 2008 10:09:56 -0500 Stacy Ladnier <[EMAIL PROTECTED]> wrote:

I first apologize for cross posting, but this is a critical issue for my

We have several applications built with Plone, ranging from v 2.0.5 to v
2.5.3 and Zope, ranging from 2.7.3 to 2.9.7. With the August 2008
release of a Python security vulnerability
(http://secunia.com/advisories/31305/), we are trying to determine how
this affects our web applications and how to mitigate and detect any
attacks. We have seen no discussion among the Zope and Plone communities
regarding this security threat. Is this an indication that Zope and
Plone are immune from these exploits due to the additional security
model it puts in place or is everyone simply waiting for Python to
release a patch?

I don't see any imminent thread for Zope based on the vague
advisories. As Limi said: wait until fixed Python versions are available.


Attachment: pgpmYxTXHHgSn.pgp
Description: PGP signature

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to