zope2.10 packages prepared for stable-security (bug#540464)
Nico Golde
nico at ngolde.de
Sun Aug 16 12:18:13 UTC 2009
Hi,
* Jonas Meurer <jonas at freesources.org> [2009-08-15 22:54]:
> On 15/08/2009 Nico Golde wrote:
> > Hi,
> > * Jonas Meurer <jonas at freesources.org> [2009-08-10 01:35]:
> > > two vulnerabilities have been found in the zope ZEO network protocol.
> > > CVEs do exist and already are in the debian security tracker:
> > > http://security-tracker.debian.net/tracker/CVE-2009-0668
> > > http://security-tracker.debian.net/tracker/CVE-2009-0669
> > [...]
> > Btw what about zope3?
>
> zope3 is affected as well, but unfortunately i don't know nothing about
> zope3, never used it and thus aren't able to provide patched packages.
You are getting this mail as the zope team. zope3 as well as
zodb has these bugs unfixed for all distributions we
support. Are you able to provide updated packages?
http://people.debian.org/~nion/nmu-diff/zope2.9-2.9.6-4etch1_2.9.6-4etch2.patch
is the patch I used for zop2.9.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-zope-developers/attachments/20090816/a0dbb621/attachment.pgp>
More information about the pkg-zope-developers
mailing list