Nuxeo mailing list archives
[Nuxeo-tickets] Re: [Nuxeo Repository] #1887: Security hole in
CPSUserFolder
Nuxeo Repository
trac at nuxeo.com
Tue Jan 22 00:02:52 CET 2008
#1887: Security hole in CPSUserFolder
---------------------------+------------------------------------------------
Reporter: madarche | Owner: madarche
Type: defect | Status: closed
Priority: P1 | Milestone: CPS 3.4.6
Component: CPSUserFolder | Version: TRUNK
Severity: critical | Resolution: fixed
Keywords: |
---------------------------+------------------------------------------------
Changes (by madarche):
* status: new => closed
* resolution: => fixed
Comment:
The problem has been fixed with changeset [52505].
A "hotfix" product is available for CPS portals not using the last
CPSUserFolder version source:CPS3/hotfix/CPSHotFix-CPSUserFolder/trunk
To protect your CPS portal with the hotfix product:
1. download the hotfix product in the Products directory of your Zope
instance:
{{{
$ svn export https://svn.nuxeo.org/pub/CPS3/hotfix/CPSHotFix-
CPSUserFolder/trunk CPSHotFix-CPSUserFolder
}}}
2. Restart your Zope instance
The simple fact of restarting the Zope instance will load the hotfix.
--
Ticket URL: <https://svn.nuxeo.org/trac/pub/ticket/1887#comment:1>
Nuxeo Repository <http://www.cps-project.org/>
Nuxeo Repository
This list archive provided by Nuxeo, the
leaders of open source ECM.
Check out the Nuxeo 5 open source,
standards-based ECM project.