发布日期：2000-08-16
更新日期：2000-08-16

受影响系统：

    Zope Zope 2.2 beta1
    Zope Zope 2.1.7
    Zope Zope 2.1.1
    Zope Zope 2.1.x
       - RedHat Powertools 6.2
       - RedHat PowerTools 6.1
       - Debian Linux 2.2
       - FreeBSD
    Zope Zope 1.10.3

描述：

---

Zope 的DocumentTemplate包中对一个基本类的采取了错误的保护方法，允许未授权用户
远程修改DTMLDocuments或DTMLMethods的内容。



建议：

---

[ RedHat ]

Red Hat Powertools 6.2:

noarch:
ftp://updates.redhat.com/powertools/6.2/noarch/Zope-Hotfix-DTML-08_09_2000-1.noarch.rpm

sources:
ftp://updates.redhat.com/powertools/6.2/SRPMS/Zope-Hotfix-DTML-08_09_2000-1.src.rpm

[ Debian ]

Debian GNU/Linux 2.2 alias potato
---------------------------------

  源码包:
    http://security.debian.org/dists/frozen/updates/main/source/zope_2.1.6-5.1.diff.gz
      MD5 checksum: c75d6ccc953227214aa8cdcdc720c38a
    http://security.debian.org/dists/frozen/updates/main/source/zope_2.1.6-5.1.dsc
      MD5 checksum: 8332bcfbadc37bbe32e2a64d3b41300f
    http://security.debian.org/dists/frozen/updates/main/source/zope_2.1.6.orig.tar.gz
      MD5 checksum: 6ec4320afd6925c24f9f1b5cd7c4d7c5
  Alpha 平台:
    http://security.debian.org/dists/frozen/updates/main/binary-alpha/zope_2.1.6-5.1_alpha.deb
      MD5 checksum: f3432b908238de8b2fef2d8f10dd82ae
  Arm 平台:
    http://security.debian.org/dists/frozen/updates/main/binary-arm/zope_2.1.6-5.1_arm.deb
      MD5 checksum: 59bb35f4ac17bf1aa6c37d76a624f3c7
  Intel ia32 平台:
    http://security.debian.org/dists/frozen/updates/main/binary-i386/zope_2.1.6-5.1_i386.deb
      MD5 checksum: 4716213c3986dd0e871a33acc8576c66
  PowerPC 平台:
    http://security.debian.org/dists/frozen/updates/main/binary-powerpc/zope_2.1.6-5.1_powerpc.deb
      MD5 checksum: 1345120dcca3a253b099b6d42ffc9f4b
  Sun Sparc 平台:
    http://security.debian.org/dists/frozen/updates/main/binary-sparc/zope_2.1.6-5.1_sparc.deb
      MD5 checksum: ed818435e7b672521d364a3c044a4043

[ FreeBSD ]

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/www/zope-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/www/zope-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/www/zope-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/www/zope-2.2.0.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/www/zope-2.2.0.tgz

浏览次数：9844
严重程度：0（网友投票）