[Pkg-zope-developers] Bug#388289: zope-cmfplone: Please deploy
anti-link-spam patch as a matter of urgency
Matthew Vernon
matthew at debian.org
Tue Sep 19 15:53:02 UTC 2006
Package: zope-cmfplone
Version: 2.0.4-3sarge1
Severity: important
Tags: security
[possibly this should be higher priority]
A new version of plone has been released, which fixes link-spamming
attacks in older versions. This is causing quite a serious problem on
the site I administer.
A backport of the fix to plone 2.0.x has been released, and should be
made available to debian users as a matter of urgency.
http://plone.org/news/plone-2.5.1-and-2.1.4-released has the details.
Thanks,
Matthew
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.2.19
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages zope-cmfplone depends on:
ii debconf [debconf-2.0] 1.4.30.13 Debian configuration management sy
ii python 2.3.5-2 An interactive high-level object-o
ii zope-btreefolder2 1.0.1-5 Zope folder that can efficiently c
ii zope-cmf1.4 1.4.7-4 zope content management framework
ii zope-cmfactionicons 1:0.9-2 Actions and icons add-on for Zope
ii zope-cmfcalendar1.4 1.4.7-4 zope cmf calendar, 1.4 branch
ii zope-cmfcore1.4 1.4.7-4 zope cmf core services, 1.4 branch
ii zope-cmfdefault1.4 1.4.7-4 zope cmf default (basic) content,
ii zope-cmfformcontroller 1.0.3-3 zope form validation for cmf and p
ii zope-cmfquickinstallertool 1.5.0-2 zope add-on to easy install cmf/pl
ii zope-cmftopic1.4 1.4.7-4 zope cmf topic, 1.4 branch
ii zope-dcworkflow 1.4.7-4 fully customizable workflow for cm
ii zope-formulator 1.7.0-5 A tool to create and validate web
ii zope-groupuserfolder 3.1.1-3 zope add-on that provides user fla
ii zope-plonetranslations 0.6-2 translation files for plone 2.0
ii zope2.7 [zope] 2.7.5-2sarge3 Open Source Web Application Server
-- debconf information:
* zope-cmfplone/initial-instance:
zope-cmfplone/oldproduct_in_var: do nothing
zope-cmfplone/upgrade-from-initial-rc2:
zope-cmfplone/migration:
More information about the Pkg-zope-developers
mailing list