Contact Us
24/7
Python BlogDjango BlogSearch for Kubernetes Big DataSearch for Kubernetes AWS BlogCloud Services

News

<< All NewsSix Feet Up Available to Help Patch Zope Security Vulnerability Affecting Plone

Six Feet Up Available to Help Patch Zope Security Vulnerability Affecting Plone

November 2, 2012

The Plone and Zope Security teams have announced the discovery of a critical vulnerability affecting Zope and sites powered by all versions of Plone. The vulnerability allows privilege escalation, potentially allowing users to gain elevated access to resources that are normally protected from an application or user and possibly perform unauthorized actions.

Due to the severity of this issue, the Plone Security Team is providing an advance warning of an upcoming patch, which will be released at 15:00 UTC (10:00am US EDT) on Tuesday, November 6th, 2012.

Due to the nature of the vulnerability, the security team has decided to pre-announce that a fix is upcoming before disclosing the details, to ensure that concerned users can plan around the release. As the fix being published will make the details of the vulnerability public, we are recommending that all of our clients schedule time to apply the patch to their websites as soon as it becomes available.

You may also want to protect your site by putting it in maintenance mode at the time of the announcement of the vulnerability details on Tuesday and until the patch is applied to your site to prevent any possible exploit. Maintenance mode means that the site is offline and a maintenance page displays to visitors if you have one available. Please contact us ASAP if you'd like us to place your website in maintenance mode or assist you in doing so.

For more details, please visit the Plone website.


Questions and Answers

for details and/or to schedule the
work. Requests will be addressed and work scheduled based on the order
in which requests are received. Please email

How can we assist you in reaching your objectives?
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.