[Zope] Re: [Plone-Users] Python Security Vulnerabilities
Andreas Jung
lists at zopyx.com
Fri Aug 8 12:50:35 EDT 2008
--On 8. August 2008 10:09:56 -0500 Stacy Ladnier <Stacy.Ladnier at noaa.gov>
wrote:
> I first apologize for cross posting, but this is a critical issue for my
> organization.
>
> We have several applications built with Plone, ranging from v 2.0.5 to v
> 2.5.3 and Zope, ranging from 2.7.3 to 2.9.7. With the August 2008
> release of a Python security vulnerability
> (http://secunia.com/advisories/31305/), we are trying to determine how
> this affects our web applications and how to mitigate and detect any
> attacks. We have seen no discussion among the Zope and Plone communities
> regarding this security threat. Is this an indication that Zope and
> Plone are immune from these exploits due to the additional security
> model it puts in place or is everyone simply waiting for Python to
> release a patch?
>
I don't see any imminent thread for Zope based on the vague
advisories. As Limi said: wait until fixed Python versions are available.
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/zope/attachments/20080808/83e70b0c/attachment.bin
More information about the Zope
mailing list