Commit Graph

16 Commits

Author SHA1 Message Date
naddy
662deeaedb Our tar now handles the GNU @LongLink extension. 2002-10-18 20:53:01 +00:00
brad
078daae9a1 SECURITY: add 2002-06-14 hotfix
The issue involves the security of the indexes of ZCatalog objects. A flaw
in the security settings of ZCatalog allows anonymous users to call arbitrary
methods of catalog indexes. The vulnerability also allows untrusted code to
do the same.
--
From: MAINTAINER
2002-09-29 06:02:18 +00:00
matt
5f9671ba58 taken by Chris Humphries <chumphries@drauku.net> 2002-07-09 12:32:34 +00:00
matt
f943ccaa41 fix python not being called with full path; noticed by Dean Nevins
<openbsd@castlebartech.com>
2002-04-25 18:47:57 +00:00
matt
555fb7dc93 - 2.5.1
- make "prominent notices" in changed files for 100% license compliance
2002-04-25 15:38:54 +00:00
naddy
3ef18e1e59 SECURITY: Add hotfix; from matt@
The issue involves a vulnerability involving "through the web code"
inadvertently allowing an untrusted user to remotely shut down a
Zope server by allowing the user to inject special headers into the
response. If you allow untrusted users to write "through the web"
code like Python Scripts, DTML Methods, or Page Templates, your
Zope server is vulnerable.
2002-04-17 16:04:01 +00:00
matt
24e6cb0057 correct python dependency spec; ok naddy@ 2002-04-10 01:39:08 +00:00
matt
e44d12be40 Upgrade to 2.5.1b1, as it's got a few important fixes, and nobody
knows if 2.5.1 is going to come out in time for the release.

Also add my patch to fix setuid support (not used by default) and
set our own version string to distinguish this from an "official"
Zope release.
2002-03-26 02:50:23 +00:00
matt
ce5fec9266 zope 2.5.0 2002-02-15 19:55:56 +00:00
matt
186a286ede - update to 2.4.3
- package spec for gtar
- distinfo
2001-11-21 01:33:12 +00:00
espie
0e6f6f93bb Kill first component of BUILD_DEPENDS.
Fix sawfish comment while I'm at it.
`window manager for the X windows system'.
Like DUH ! It's going to be a window manager for my microwave oven ?
2001-11-10 15:00:47 +00:00
matt
26911033e4 - update to 2.4.2
- regress
- add zope-instance relative path support
- do optimizing compile on python files too, like lang/python, and use optimized in default zope-instance start script
2001-11-02 03:35:11 +00:00
matt
a55f22b676 typo, imports -> import, ok naddy@ 2001-10-17 03:10:35 +00:00
matt
c4ed8bcd0a - update to 2.4.1.1 (add 2001-09-28 hotfix for dtml-var fmt security checks)
- CONFIGURE_STYLE=gnu (spotted by naddy@)
- MODGNU_CONFIG_GUESS_DIRS even though it's not actually used by this configure script
2001-10-09 22:58:50 +00:00
matt
0f595d551d - update to 2.4.1
- depend on gtar instead of crazy hackery
2001-09-26 00:55:26 +00:00
matt
e6b5dd399c add zope-2.4.0.2 2001-08-05 20:44:41 +00:00