-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 13 Aug 2009 16:39:59 +0000 Source: zope2.9 Binary: zope2.9-sandbox zope2.9 Architecture: source amd64 all Version: 2.9.6-4etch2 Distribution: oldstable-security Urgency: high Maintainer: Debian/Ubuntu Zope Team <pkg-zope-developers@lists.alioth.debian.org> Changed-By: Nico Golde <nion@debian.org> Description: zope2.9 - Open Source Web Application Server zope2.9-sandbox - sandbox instance for the zope2.9 web application server Closes: 540464 Changes: zope2.9 (2.9.6-4etch2) oldstable-security; urgency=high . * Non-maintainer upload by the security team. * Fix two vulnerabilities in the ZODB ZEO network protocol (closes: #540464) - CVE-2009-0668 Arbitrary Python code execution in ZODB ZEO storage servers - CVE-2009-0669 Authentication bypass in ZODB ZEO storage servers Files: d9acba8fb8981d626357ef9d22dc19e5 878 web optional zope2.9_2.9.6-4etch2.dsc e26b1a97ba98194cb6624085aff6abd0 6977379 web optional zope2.9_2.9.6.orig.tar.gz 3702a3e4a4519b57a12c7cccc164cf47 17874 web optional zope2.9_2.9.6-4etch2.diff.gz cc82b279f1ad82a1d076a6fa3c780d2e 6992354 web optional zope2.9_2.9.6-4etch2_amd64.deb 48f2c56b9372820369fa91bef4f5559a 11916 web optional zope2.9-sandbox_2.9.6-4etch2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkqERIoACgkQHYflSXNkfP9HOwCfTX5VtloIXQ8xtkkuyMadBndE g6wAn3AgAmsJi4iwJu52/Jii6h9iYH/R =hxaw -----END PGP SIGNATURE----- Accepted: zope2.9-sandbox_2.9.6-4etch2_all.deb to pool/main/z/zope2.9/zope2.9-sandbox_2.9.6-4etch2_all.deb zope2.9_2.9.6-4etch2.diff.gz to pool/main/z/zope2.9/zope2.9_2.9.6-4etch2.diff.gz zope2.9_2.9.6-4etch2.dsc to pool/main/z/zope2.9/zope2.9_2.9.6-4etch2.dsc zope2.9_2.9.6-4etch2_amd64.deb to pool/main/z/zope2.9/zope2.9_2.9.6-4etch2_amd64.deb