[Bug 99792] [Sync request] Sync zope2.9 (2.9.6-4etch1) from Debian testing (main)
Michael Bienia
michael at vorlon.ping.de
Sun Apr 1 16:19:23 BST 2007
Public bug reported:
Binary package hint: zope2.9
Please sync zope2.9 (2.9.6-4etch1) from Debian testing (main).
The Ubuntu package has no changes.
The package builds cleanly in a feisty pbuilder.
Thanks.
Changelog:
zope2.9 (2.9.6-4etch1) testing-proposed-updates; urgency=high
* SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET.
Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view
CVE-2007-0240
(Closes: #415564)
-- Jérémy Bobbio <lunar at debian.org> Wed, 28 Mar 2007 23:52:17 +0200
zope2.9 (2.9.6-4) unstable; urgency=medium
* debian/patches/webdav.dpatch: applied patch to correctly quote resource
ids for the webdav protocol. (Closes: #409371)
-- Fabio Tranchitella <kobold at debian.org> Wed, 7 Feb 2007 12:29:49
+0100
** Affects: zope2.9 (Ubuntu)
Importance: Undecided
Status: Confirmed
** Changed in: zope2.9 (Ubuntu)
Status: Unconfirmed => Confirmed
--
[Sync request] Sync zope2.9 (2.9.6-4etch1) from Debian testing (main)
https://launchpad.net/bugs/99792
More information about the ubuntu-archive
mailing list