Advisory for Debian’s new zope packages


Author: JT Smith

From This is an addition to DSA 043-1 which fixes several vulnerabilities in Zope. Something went
wrong so it has to be corrected. The previous security release 2.1.6-7 has two severe
problems: 1. zope 2.1.6-7 erronously included Hotfix 2000-10-02 (a fix for a vulnerability,
which does only affect Zope 2.2.0 and later). The inclusion of this Hotfix completely broke
the authentification, which rendered zope 2.1.6-7 practically unusable.


  • Linux