Date: Sat, 23 Mar 2002 02:04:29 -0800 (PST) From: Neil Blakey-Milner <nbm@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/www/zope Makefile distinfo pkg-plist Message-ID: <200203231004.g2NA4T266413@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
nbm 2002/03/23 02:04:29 PST
Modified files:
www/zope Makefile distinfo pkg-plist
Log:
Implement the HotFix described at
http://www.zope.org/Products/Zope/Hotfix_2002-03-01/README.txt which
says:
``The issue involves the checking of security for objects with proxy
roles. The context of the owner user that created the object with
proxy roles was not being taken into account when determining access
to the object with proxy roles. This flaw could allow users defined
in subfolders of a site with sufficient privileges to access objects
at higher levels in the site that they would not normally be able to
access.''
PR: 36103
Submitted by: HAYASHI Yasushi <yasi@yasi.to>
Revision Changes Path
1.35 +6 -3 ports/www/zope/Makefile
1.22 +1 -0 ports/www/zope/distinfo
1.26 +4 -0 ports/www/zope/pkg-plist
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203231004.g2NA4T266413>