[triangle-zpug] Security hole fix?

Robert Geiger robert at geigers.net
Wed Jan 31 23:26:19 CET 2007

I'm finding that someone is telling me I need to patch a security hole. 
  They claimed there was a hot fix for this problem.

As they described it:

There is a known security exploit in the Plone system which can allow 
posting non-image content, such as a script, html or other items, into 
the "portrait" areas.

I checked the Plone site, and there is no reference that I can find 
regarding this problem.

I have Plone 2.5.   Should I just upgrade it to the latest 2.5.2 and 
will that solve the problem?

Thanks for your help.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: robert.vcf
Type: text/x-vcard
Size: 171 bytes
Desc: not available
Url : http://starship.python.net/pipermail/triangle-zpug/attachments/20070131/a0b5646f/attachment.vcf 

More information about the triangle-zpug mailing list