[Zope] Hotfix kills my Zope -- (ANNOUNCE: cgi.py vulnerability hotfix for Zope...)

Ron Bickers rbickers-dated-996702039.a7dad0@logicetc.com
Wed, 25 Jul 2001 17:40:38 -0400


This hotfix kills my Zope no matter what URL I try to visit.

Error Type: TypeError
Error Value: object is not callable: None

<!--
Traceback (innermost last):
  File /usr/local/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 223, in
publish_module
  File /usr/local/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 187, in
publish
  File /usr/local/zope-2.4.0/lib/python/Zope/__init__.py, line 226, in
zpublisher_exception_hook
    (Object: ApplicationDefaultPermissions)
  File /usr/local/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 136, in
publish
  File /usr/local/zope-2.4.0/lib/python/ZPublisher/HTTPRequest.py, line 405,
in processInputs
  File /var/tmp/python-2.1-root/usr/lib/python2.1/cgi.py, line 449, in
__init__
TypeError: (see above)

-->

_______________________

Ron Bickers
Logic Etc, Inc.


> -----Original Message-----
> From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Brian
> Lloyd
> Sent: Wednesday, July 25, 2001 4:37 PM
> To: zope-announce@zope.org; zope@zope.org
> Subject: [Zope] ANNOUNCE: cgi.py vulnerability hotfix for Zope...
>
>
>   This hotfix addresses a potential denial-of-service vulnerability
>   in applications that use the Python cgi module (cgi.py) for parsing
>   of "multipart" Web form data (Zope uses this functionality internally).