Hotfix to fix CVE 2010-1104 for Zope 2.8 - 2.13
This Zope hotfix fixes CVE 2010-1104.
This hotfix has been tested with Zope instances using Zope 2.8.x - 2.11.x. Users of Zope 2.12 and greater should instead update to the latest corresponding minor revision, which already includes this fix.
Zope < 2.12 is no longer officially supported, and may have other unpatched vulnerabilities. You are encouraged to upgrade to a supported Zope 2.
Download the tarball from the PyPI page:
Unpack the tarball and add a ‘products’ key to the ‘etc/zope.conf’ of your instance. E.g.:
and restart. Alternatively, you may copy or symlink the ‘Products’ directory into the ‘Products’ subdirectory of your Zope instance. E.g.:
$ cp -r /path/to/Products.Zope_Hotfix_CVE_2010_1104/Products \ /path/to/instance/Products/
Verifying the Installation
After restarting the Zope instance, check the ‘Control_Panel/Products’ folder in the Zope Management Interface, e.g.:
You should see the ‘Zope_Hotfix_CVE_2010_1104’ product folder there.
- Initial release
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|File Name & Checksum SHA256 Checksum Help||Version||File Type||Upload Date|
|Products.Zope_Hotfix_CVE_2010_1104-1.0.tar.gz (3.5 kB) Copy SHA256 Checksum SHA256||–||Source||Jan 18, 2012|