Fwd: [Plone-Announce] 20151006 hotfix released

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Fwd: [Plone-Announce] 20151006 hotfix released

Danilo Dellaquila
Hola a todos,

acaba de salir un parche de seguridad para Plone 4 https://plone.org/products/plone-hotfix/releases/20151006.

Este es solo para Plone 4, el Plone 5 no se ve afectado mientras que las versiones más antiguas ya no están soportadas.

Tenéis que ponerla cuanto antes pero ojo porque en este caso solo se puede aplicar haciendo el Buildout.

   Danilo Dellaquila

-------- Forwarded Message --------
Subject: [Plone-Announce] 20151006 hotfix released
Date: Tue, 6 Oct 2015 18:06:39 +0200
From: Announcement of Plone releases and security-related notifications. Recommended subscription for all Plone developers and site admins. [hidden email]
Reply-To: [hidden email]
To: [hidden email]

A hotfix for all versions of Plone 4.x. Fixes multiple CSRF vulnerabilities in Zope: https://plone.org/products/plone-hotfix/releases/201510061

for more information on the nature of the issue, see https://plone.org/products/plone/security/advisories/security-vulnerability-20151006-csrf

This is the follow up to Announcement: https://community.plone.org/t/security-vulnerability-pre-announcement-20151006/979/2

The Plone Security Best Practices docs have been updated: http://docs.plone.org/manage/deploying/production/securitybestpractices.html

Usuarios-Plone mailing list
[hidden email]

Attached Message Part (82 bytes) Download Attachment
Attached Message Part (179 bytes) Download Attachment