Paketname
Zope
Datum
2000-12-19
Advisory ID
MDKSA-2000:086
Betroffene Versionen
7.1 i586 , 7.2 i586

Problembeschreibung

A potential security issue exists in versions of Zope up to and including 2.2.4. This issue involves incorrect protection of a data updating method on Image and File objects. Because the method was not correctly protected, it was possible for users with DTML editing privileges to update the raw data of a File or Image object via DTML though they did not have editing privileges on the objects themselves. This update replaces the previous Zope update noted in MDKSA-2000:083.

Aktualisierte Pakete

7.1 i586

 1a27224eda3908f1797f8373cb0a997e  7.1/RPMS/Zope-2.2.4-1.2mdk.i586.rpm
0c4b6927178dae9addb86ad3b58bcb04  7.1/RPMS/Zope-components-2.2.4-1.2mdk.i586.rpm
41f3a790bf3bebb4c49e8ced65a2eec2  7.1/RPMS/Zope-core-2.2.4-1.2mdk.i586.rpm
2697aac6c282d0ff1df6be67c452f0f1  7.1/RPMS/Zope-pcgi-2.2.4-1.2mdk.i586.rpm
6170e2801ae6ff70e0a8d7115abcf2ab  7.1/RPMS/Zope-services-2.2.4-1.2mdk.i586.rpm
f532b272a002b2cadea796644cb55c24  7.1/RPMS/Zope-zpublisher-2.2.4-1.2mdk.i586.rpm
c46eec7ed0490a72ae1b40fda4697891  7.1/RPMS/Zope-zserver-2.2.4-1.2mdk.i586.rpm
8b20f57bf02811245b6c398deb908fb3  7.1/RPMS/Zope-ztemplates-2.2.4-1.2mdk.i586.rpm
8fd0a77af27e4f10b5c7d72aca007a60  7.1/SRPMS/Zope-2.2.4-1.2mdk.src.rpm

7.2 i586

 977521271b02081ead2e692486153603  7.2/RPMS/Zope-2.2.4-1.2mdk.i586.rpm
9469e68a5bad3616f55968bb2a03bdf8  7.2/RPMS/Zope-components-2.2.4-1.2mdk.i586.rpm
2d613ea11d316604c92d87c38850624b  7.2/RPMS/Zope-core-2.2.4-1.2mdk.i586.rpm
029cb83d8dff5c8062c41dcd2643a6fa  7.2/RPMS/Zope-pcgi-2.2.4-1.2mdk.i586.rpm
06dc417709a6d0013213d54361a9fe31  7.2/RPMS/Zope-services-2.2.4-1.2mdk.i586.rpm
f32ab4d27616c1ee74c1510cbb2f9ff9  7.2/RPMS/Zope-zpublisher-2.2.4-1.2mdk.i586.rpm
f95628b3a712688df2810842bd9136ba  7.2/RPMS/Zope-zserver-2.2.4-1.2mdk.i586.rpm
9155e0f3e372b7b7133ad2445cca6522  7.2/RPMS/Zope-ztemplates-2.2.4-1.2mdk.i586.rpm
8fd0a77af27e4f10b5c7d72aca007a60  7.2/SRPMS/Zope-2.2.4-1.2mdk.src.rpm