[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ANN: Debian Zope security release (2.1.6-5)



I have prepared a security release of the Zope 2.1.6 Debian package
in order to fix the DTML vulnerability in Zope reported yesterday
(cf. http://yyy.zope.org/Products/Zope/Hotfix_06_16_2000/security_alert),

The new package is currently in Debian's incoming queue. The temporary URL
is
    http://incoming.debian.org/zope_2.1.6-5_i386.deb

Hopefully it will be moved into potato and woody by the release manager RSN.


Please read the security alert mentioned above and consider upgrading your
site to 2.1.6-5.

The package fixes the possible exploit by including the Hotfix_06_16_2000
product. If you install 2.1.6-5, you don't need to install the Hotfix nor
apply DT_String.py.diff nor do you need to upgrade to 2.1.7.


    Gregor Hoffleit <flight@debian.org>

Attachment: pgpAlMAbXEBdZ.pgp
Description: PGP signature


Reply to: