You are not logged in Log in Join
You are here: Home » Download Zope Products » Zope » Hotfix_2001-07-25 » Zope hotfix: cgi library vulnerability » View NewsItem
Log in
Name

Password

 
Link icon Forgot your password?
Print

Zope hotfix: cgi library vulnerability

This hotfix addresses a potential denial-of-service vulnerability in applications that use the Python cgi module (cgi.py) for parsing of "multipart" Web form data (Zope uses this functionality internally).

More detailed information is available in the Python bug tracker at SourceForge:

http://sourceforge.net/tracker/?group_id=5470&atid=105470&func=detail&aid=443120

While we are not aware of any instances of abuse of this vulnerability, we highly recommend that any Zope site running versions of Zope up to and including 2.4.0 have this hotfix product installed to mitigate this issue. (Zope 2.4.1 will not require the installation of a separate hotfix).

README

http://www.zope.org/Products/Zope/Hotfix_2001-07-25/Hotfix_2001-07-25.tar.gz

Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)