[Zope-Checkins] CVS: Zope/doc - CHANGES.txt:1.535.2.161

Tres Seaver tseaver at zope.com
Thu Jan 8 16:03:06 EST 2004


Update of /cvs-repository/Zope/doc
In directory cvs.zope.org:/tmp/cvs-serv6197/doc

Modified Files:
      Tag: Zope-2_6-branch
	CHANGES.txt 
Log Message:


  - The ZTUtils SimpleTree decompressed tree state data from the 
    request without checking for final size, which could allow for 
    certain types of DoS attacks.


=== Zope/doc/CHANGES.txt 1.535.2.160 => 1.535.2.161 ===
--- Zope/doc/CHANGES.txt:1.535.2.160	Thu Jan  8 15:58:18 2004
+++ Zope/doc/CHANGES.txt	Thu Jan  8 16:02:35 2004
@@ -8,6 +8,10 @@
 
     Bugs Fixed
 
+     - The ZTUtils SimpleTree decompressed tree state data from the 
+       request without checking for final size, which could allow for 
+       certain types of DoS attacks.
+
      - Inadequate security assertions on administrative "find" methods 
        could potentially be abused.
 




More information about the Zope-Checkins mailing list