Date: Tue, 27 Jun 2000 12:07:53 -0700 (PDT) From: thomas@hentschel.net To: alex@FreeBSD.org Cc: freebsd-ports@FreeBSD.org Subject: Re: ports/19329: zope ports security vulnerability Message-ID: <200006271907.MAA55394@falcon.home.hentschel.net> In-Reply-To: <200006271032.DAA20192@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27 Jun, alex@FreeBSD.org wrote: > Synopsis: zope ports security vulnerability > > State-Changed-From-To: open->feedback > State-Changed-By: alex > State-Changed-When: Tue Jun 27 03:28:46 PDT 2000 > State-Changed-Why: > alex:~/work/zope $ make >>> Zope-2.1.7-src.tgz doesn't seem to exist on this system. >>> Attempting to fetch from http://www.zope.org/Products/Zope/2.1.7/. > fetch: Zope-2.1.7-src.tgz: www.zope.org: HTTP server returned error code 404 >>> Attempting to fetch from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/. > fetch: pub/FreeBSD/ports/distfiles/Zope-2.1.7-src.tgz: cannot get remote modification time > fetch: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/Zope-2.1.7-src.tgz: FTP error: > fetch: File unavailable (e.g., file not found, no access) >>> Couldn't fetch it - please try to retrieve this >>> port manually into /usr/ports/distfiles/ and try again. > *** Error code 1 > > And I can't find the 2.1.7 distfile anywhere on the mastersite... > > How come? > > Well, Digital Creations (the creators of zope) decided to pull that release (it had other problems) and create a "hotfix" instead (http://www.zope.org/ZopeNews?query_start=13) which has to be installed thru Zope. I send out a mail in regards to that as soon as I became aware of it, it's attached below again. -Th From: thomas@hentschel.net Subject: Re: ports/19329: zope ports security vulnerability Date: Fri, 16 Jun 2000 11:16:59 -0700 (PDT) To: gnats-admin@FreeBSD.org Cc: freebsd-ports@FreeBSD.org Oh well, scratch that PR. Digital Creations changed their mind and pulled the 2.1.7 release in favor of a hotfix which can be found at http://www.zope.org/Products/Zope/Hotfix_06_16_2000. This will fix the aforementioned security problem. This makes the patch below obsolete, so this PR can be closed -Th To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006271907.MAA55394>