TITLE: Debian update for zope-cmfplone SECUNIA ADVISORY ID: SA19640 VERIFY ADVISORY: http://secunia.com/advisories/19640/ CRITICAL: Less critical IMPACT: Security Bypass, Manipulation of data WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for zope-cmfplone. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain information. For more information: SA19633 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/z/zope-cmfplone/zope-cmfplone_2.0.4-3sarge1.dsc Size/MD5 checksum: 631 a053c5bce18eaf5fb8147f910e3a9a45 http://security.debian.org/pool/updates/main/z/zope-cmfplone/zope-cmfplone_2.0.4-3sarge1.diff.gz Size/MD5 checksum: 18535 5454fbc73a1b9ce261df8fe575151878 http://security.debian.org/pool/updates/main/z/zope-cmfplone/zope-cmfplone_2.0.4.orig.tar.gz Size/MD5 checksum: 695622 d2aadef81cf605d4ca790b354591e7f3 Architecture independent components: http://security.debian.org/pool/updates/main/z/zope-cmfplone/plone_2.0.4-3sarge1_all.deb Size/MD5 checksum: 6924 5b095ccfbcfb4a4b0fe13078dd11a88d http://security.debian.org/pool/updates/main/z/zope-cmfplone/zope-cmfplone_2.0.4-3sarge1_all.deb Size/MD5 checksum: 685644 b290b314ade28ae494c49e72b14179d0 -- Debian GNU/Linux unstable alias sid -- Fixed in version 2.1.2-2. ORIGINAL ADVISORY: http://www.debian.org/security/2006/dsa-1032 OTHER REFERENCES: SA19633: http://secunia.com/advisories/19633/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------