On 24 October 2011 22:54, Tres Seaver <tsea...@palladion.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On behalf of the Zope security response team, I would like to announce
> the availability of a hotfix for a vulnerability inadvertently
> published earlier today.
> 'Products.Zope_Hotfix_20111024' README
> - --------
> This hotfix addresses a serious vulnerability in the Zope2
> application server. Affected versions of Zope2 include:
> - - 2.12.x <= 2.12.20
> - - 2.13.x <= 2.13.6
> Older releases (2.11.x, 2.10.x, etc.) are not vulnerable.
Can you confirm whether or not Zope 2.13.6 through 2.13.10 are affected?
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -