diff options
Diffstat (limited to 'polish/security/2004/dsa-490.wml')
-rw-r--r-- | polish/security/2004/dsa-490.wml | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/polish/security/2004/dsa-490.wml b/polish/security/2004/dsa-490.wml new file mode 100644 index 00000000000..5d40498b6bf --- /dev/null +++ b/polish/security/2004/dsa-490.wml @@ -0,0 +1,21 @@ +#use wml::debian::translation-check translation="1.1" maintainer="" +#pddp arteek +<define-tag description>arbitrary code execution</define-tag> +<define-tag moreinfo> +<p>A vulnerability has been discovered in the index support of the +ZCatalog plug-in in Zope, an open source web application server. A +flaw in the security settings of ZCatalog allows anonymous users to +call arbitrary methods of catalog indexes. The vulnerability also +allows untrusted code to do the same.</p> + +<p>For the stable distribution (woody) this problem has been fixed in +version 2.5.1-1woody1.</p> + +<p>For the unstable distribution (sid) this problem has been fixed in +version 2.6.0-0.1 and higher.</p> + +<p>We recommend that you upgrade your zope package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-490.data" |