[Pkg-zope-developers] Bug#334055: zope2.7 security fix (bug 334055
)
A Mennucc
debdev at tonelli.sns.it
Mon Oct 17 09:08:49 UTC 2005
hi
I have (hopefully) fixed the bug 334055 that is a security alert.
This is the proposed update for sarge :
http://tonelli.sns.it/pub/mennucc1/zope/debian/sarge-security/zope2.7_2.7.5-2sec1_source.changes
This is the proposed update for etch :
http://tonelli.sns.it/pub/mennucc1/zope/debian/etch-security/zope2.7_2.7.5-3sec1_source.changes
This is the patch that I applied :
http://tonelli.sns.it/pub/mennucc1/zope/debian/sarge-security/zope-hotfix_2005-10-09-sarge.diff
Note that my patch is much smaller than the original hotfix :
http://tonelli.sns.it/pub/mennucc1/zope/debian/sarge-security/zope-hotfix_2005-10-09-upstream.diff
which included also some new features such as nl and ca languages -
- but usually we do not add new features in Debian when releasing security
upgrades.
Unfortunately all the above is source-only : I do not have here available
a clean pure Sarge or Etch build environment.
Can I upload a source-only in stable-security and testing-security ?
I have made available a binary version:
I compiled the etch source (and I am happily running it), it is available at
http://tonelli.sns.it/pub/mennucc1/zope/debian/tmp/zope2.7_2.7.5-3sec1_i386.deb
but it was compiled on my PC that is a mixture of sarge and etch,
so it may miswork both in sarge and in etch :-( .
I would also appreciate if someone who understands what 334055 is about
would compile and test my fix to see if it works.
a.
--
Andrea Mennucc
"Ukn ow,Ifina llyfixe dmysp acebar.ohwh atthef"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-zope-developers/attachments/20051017/0976e28b/attachment-0001.pgp
More information about the Pkg-zope-developers
mailing list