[Pkg-zope-developers] Bug#388289: zope-cmfplone: Please deploy anti-link-spam patch as a matter of urgency

Matthew Vernon matthew at debian.org
Tue Sep 19 15:53:02 UTC 2006 

Package: zope-cmfplone
Version: 2.0.4-3sarge1
Severity: important
Tags: security

[possibly this should be higher priority] 

A new version of plone has been released, which fixes link-spamming
attacks in older versions. This is causing quite a serious problem on
the site I administer.

A backport of the fix to plone 2.0.x has been released, and should be
made available to debian users as a matter of urgency.

http://plone.org/news/plone-2.5.1-and-2.1.4-released has the details.

Thanks,

Matthew

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.2.19
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages zope-cmfplone depends on:
ii  debconf [debconf-2.0]      1.4.30.13     Debian configuration management sy
ii  python                     2.3.5-2       An interactive high-level object-o
ii  zope-btreefolder2          1.0.1-5       Zope folder that can efficiently c
ii  zope-cmf1.4                1.4.7-4       zope content management framework 
ii  zope-cmfactionicons        1:0.9-2       Actions and icons add-on for Zope 
ii  zope-cmfcalendar1.4        1.4.7-4       zope cmf calendar, 1.4 branch
ii  zope-cmfcore1.4            1.4.7-4       zope cmf core services, 1.4 branch
ii  zope-cmfdefault1.4         1.4.7-4       zope cmf default (basic) content, 
ii  zope-cmfformcontroller     1.0.3-3       zope form validation for cmf and p
ii  zope-cmfquickinstallertool 1.5.0-2       zope add-on to easy install cmf/pl
ii  zope-cmftopic1.4           1.4.7-4       zope cmf topic, 1.4 branch
ii  zope-dcworkflow            1.4.7-4       fully customizable workflow for cm
ii  zope-formulator            1.7.0-5       A tool to create and validate web 
ii  zope-groupuserfolder       3.1.1-3       zope add-on that provides user fla
ii  zope-plonetranslations     0.6-2         translation files for plone 2.0
ii  zope2.7 [zope]             2.7.5-2sarge3 Open Source Web Application Server

-- debconf information:
* zope-cmfplone/initial-instance:
  zope-cmfplone/oldproduct_in_var: do nothing
  zope-cmfplone/upgrade-from-initial-rc2:
  zope-cmfplone/migration:

More information about the Pkg-zope-developers mailing list