From owner-freebsd-vuxml@FreeBSD.ORG  Thu Oct 19 18:59:57 2006
Return-Path: <owner-freebsd-vuxml@FreeBSD.ORG>
X-Original-To: freebsd-vuxml@freebsd.org
Delivered-To: freebsd-vuxml@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 094C716A403
	for <freebsd-vuxml@freebsd.org>; Thu, 19 Oct 2006 18:59:57 +0000 (UTC)
	(envelope-from fmysh@iijmio-mail.jp)
Received: from xeon.quad.dyndns.org (228.142.138.210.bn.2iij.net
	[210.138.142.228])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 76B8443D92
	for <freebsd-vuxml@freebsd.org>; Thu, 19 Oct 2006 18:59:21 +0000 (GMT)
	(envelope-from fmysh@iijmio-mail.jp)
Received: from localhost (localhost [127.0.0.1])
	by xeon.quad.dyndns.org (Postfix) with ESMTP id CD91715344C;
	Fri, 20 Oct 2006 03:59:02 +0900 (JST)
X-Virus-Scanned: amavisd-new at quad.dyndns.org
Received: from xeon.quad.dyndns.org ([127.0.0.1])
	by localhost (xeon.quad.dyndns.org [127.0.0.1]) (amavisd-new,
	port 10024)
	with LMTP id Xorn-eN+6OaH; Fri, 20 Oct 2006 03:58:53 +0900 (JST)
Received: from [IPv6:2001:240:66e::3] (mini.quad.dyndns.org
	[IPv6:2001:240:66e::3])
	by xeon.quad.dyndns.org (Postfix) with ESMTP id DBC5A15344B;
	Fri, 20 Oct 2006 03:58:53 +0900 (JST)
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <2EFE5905-D04D-4D29-BC26-8BC8B5D6AE31@iijmio-mail.jp>
Content-Transfer-Encoding: 7bit
From: TAOKA Fumiyoshi <fmysh@iijmio-mail.jp>
Date: Fri, 20 Oct 2006 03:58:36 +0900
To: freebsd-vuxml@freebsd.org
X-Mailer: Apple Mail (2.752.2)
Subject: zope -- restructuredText "csv_table" Information Disclosure
X-BeenThere: freebsd-vuxml@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Documenting security issues in VuXML <freebsd-vuxml.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-vuxml>,
	<mailto:freebsd-vuxml-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-vuxml>
List-Post: <mailto:freebsd-vuxml@freebsd.org>
List-Help: <mailto:freebsd-vuxml-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-vuxml>,
	<mailto:freebsd-vuxml-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Oct 2006 18:59:57 -0000

zope -- restructuredText "csv_table" Information Disclosure
http://www.vuxml.org/freebsd/65a8f773-4a37-11db-a4cc-000a48049292.html

It is said that affected packages are zope >= 0 in the VuXML entry.
While referenced pages in the entry say that they are:
    Zope 2.7.0 - 2.7.9
    Zope 2.8.0 - 2.8.8

http://www.securityfocus.com/bid/20022
http://www.vuxml.org/freebsd/CVE-2006-4684.html
http://secunia.com/advisories/21947/
http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/ 
README.txt


I hope this is useful.
--
TAOKA Fumiyoshi