-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 28 Mar 2007 16:49:59 +0200 Source: zope2.7 Binary: zope2.7 Architecture: source i386 Version: 2.7.5-2sarge4 Distribution: stable-security Urgency: high Maintainer: Debian Zope team <pkg-zope-developers@lists.alioth.debian.org> Changed-By: Jérémy Bobbio <lunar@debian.org> Description: zope2.7 - Open Source Web Application Server Closes: 416500 Changes: zope2.7 (2.7.5-2sarge4) stable-security; urgency=high . * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) Files: 8c2978255c5b9aa7306a976690f2a1b9 906 web optional zope2.7_2.7.5-2sarge4.dsc 685e49f63b9a702081892b6ed645089f 56167 web optional zope2.7_2.7.5-2sarge4.diff.gz b28fa77d6ad2819f60c231181e616ebd 2631626 web optional zope2.7_2.7.5-2sarge4_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFGDCEu2PUjs9fQ72URArAxAKCipvkI89MZBbjUPVWvsRwhbC/fAgCeM2Zy OZKzv3Ee4+jOIdAaabIcNY8= =jrYO -----END PGP SIGNATURE----- Accepted: zope2.7_2.7.5-2sarge4.diff.gz to pool/main/z/zope2.7/zope2.7_2.7.5-2sarge4.diff.gz zope2.7_2.7.5-2sarge4.dsc to pool/main/z/zope2.7/zope2.7_2.7.5-2sarge4.dsc zope2.7_2.7.5-2sarge4_i386.deb to pool/main/z/zope2.7/zope2.7_2.7.5-2sarge4_i386.deb