Date: Thu, 19 Oct 2006 23:52:12 +0400 From: "Andrew Pantyukhin" <infofarmer@FreeBSD.org> To: "TAOKA Fumiyoshi" <fmysh@iijmio-mail.jp> Cc: freebsd-vuxml@freebsd.org Subject: Re: zope -- restructuredText "csv_table" Information Disclosure Message-ID: <cb5206420610191252m124e59c7lb2b1deb2f4c4ad32@mail.gmail.com> In-Reply-To: <2EFE5905-D04D-4D29-BC26-8BC8B5D6AE31@iijmio-mail.jp> References: <2EFE5905-D04D-4D29-BC26-8BC8B5D6AE31@iijmio-mail.jp>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/19/06, TAOKA Fumiyoshi <fmysh@iijmio-mail.jp> wrote: > zope -- restructuredText "csv_table" Information Disclosure > http://www.vuxml.org/freebsd/65a8f773-4a37-11db-a4cc-000a48049292.html > > It is said that affected packages are zope >= 0 in the VuXML entry. > While referenced pages in the entry say that they are: > Zope 2.7.0 - 2.7.9 > Zope 2.8.0 - 2.8.8 > > http://www.securityfocus.com/bid/20022 > http://www.vuxml.org/freebsd/CVE-2006-4684.html > http://secunia.com/advisories/21947/ > http://www.zope.org/Products/Zope/Hotfix-2006-08-21/Hotfix-20060821/ > README.txt The vulnerability has been confirmed in these versions, but as far as we know there are no versions confirmed to be safe yet. To be on the safe side we never put an upper limit on version numbers until we know it for sure. Thanks!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cb5206420610191252m124e59c7lb2b1deb2f4c4ad32>