New Plone issues
Gediminas Paulauskas
menesis at pov.lt
Fri Dec 13 15:16:51 UTC 2013
2013/12/13 Moritz Muehlenhoff <jmm at debian.org>
> Hi,
> there are three new CVE assignments for issues in Plone. I vaguely
> remember that this seems
> to be related to Zope, but I don't have a full picture of the packages.
> Does any of this affect Debian?
>
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7060 (non issue in
> Debian)
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7061
Both are not relevant, because Plone is not available in Debian.
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7062
The affected file exists in zope2.12 package, available in wheezy only.
This patch has not been merged to the 2.12 branch, and a release has not
been made.
The version in wheezy is 2.12.26 and there are two more upstream releases
containing security-related fixes (nothing else is being done to this old
branch).
https://github.com/zopefoundation/Zope/blob/2.12/doc/CHANGES.rst
--
Gediminas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-zope-developers/attachments/20131213/b8c6f7c0/attachment.html>
More information about the pkg-zope-developers
mailing list