Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Linux :: Apps N-Z :: zope.htm

Zope insecurity

    Z Object Publishing Environment


    Users of the Z Object Publishing Environment


    Christopher   Petrilli   posted   following.    Thanks   to  Kevin
    Littlejohn's  sleuthing,  a  sizable   problem  in  the   security
    machinery in DTML has been brought to the attention and  resolved.
    Without delving  too deeply  into the  obtuseness of  the problem,
    let's first say that  this is 1) very  critical, 2) has an  urgent

    This problem  is of  most concern  to anyone  who opens their Zope
    site up to  the general public  (a'la as  it could allow
    "anonymous"  people  to  do  things  which are most definitely not
    allowed.  Unfortunately it  was introduced many releases  ago, but
    to the  knowledge this  is the  first time  anyone has  discovered
    this problem.


    Fixes are contained in the CVS repository as well as:

        Zope 2.1.2
        Patch to 1.10.3

    It  is  important  to  note  that  the  patch  to  1.10.3 has some
    performance impact on  users of this  release.  Unfortunately,  we
    are no longer  able to provide  equal levels of  support for users
    of 1.x and 2.x implementations of Zope.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH