Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix
From: Matthew Wilkes <matthew.wilkes () plone org>
Date: Wed, 07 Nov 2012 16:30:53 +0000

Hi *,

Jan has asked me for a breakdown of what patches in our bulk hotfix relate to what issues, so here you go:

https://plone.org/products/plone/security/advisories/20121106/01 - registerConfiglet.py https://plone.org/products/plone/security/advisories/20121106/02 - setHeader.py https://plone.org/products/plone/security/advisories/20121106/03 - allowmodule.py https://plone.org/products/plone/security/advisories/20121106/04 - python_scripts.py createObject https://plone.org/products/plone/security/advisories/20121106/05 - get_request_var_or_attr.py https://plone.org/products/plone/security/advisories/20121106/06 - kssdevel.py https://plone.org/products/plone/security/advisories/20121106/07 - widget_traversal.py https://plone.org/products/plone/security/advisories/20121106/08 - uid_catalog.py
https://plone.org/products/plone/security/advisories/20121106/09 - gtbn.py
https://plone.org/products/plone/security/advisories/20121106/10 - python_scripts.py {u,}translate https://plone.org/products/plone/security/advisories/20121106/11 - python_scripts.py go_back https://plone.org/products/plone/security/advisories/20121106/12 - kupu_spellcheck.py https://plone.org/products/plone/security/advisories/20121106/13 - membership_tool.py https://plone.org/products/plone/security/advisories/20121106/14 - queryCatalog.py https://plone.org/products/plone/security/advisories/20121106/15 - python_scripts.py formatColumns https://plone.org/products/plone/security/advisories/20121106/16 - renameObjectsByPaths.py https://plone.org/products/plone/security/advisories/20121106/17 - at_download.py https://plone.org/products/plone/security/advisories/20121106/18 - safe_html.py
https://plone.org/products/plone/security/advisories/20121106/19 - ftp.py
https://plone.org/products/plone/security/advisories/20121106/20 - widget_traversal.py
https://plone.org/products/plone/security/advisories/20121106/21 - atat.py
https://plone.org/products/plone/security/advisories/20121106/22 - python_scripts.py https://plone.org/products/plone/security/advisories/20121106/23 - django_crypto.py https://plone.org/products/plone/security/advisories/20121106/24 - random_string


=>  preliminary 24 CVE ids needed.

Once we get twenty four assigned I'll match them against this list in the same order.

Matt


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault