Submitted by KeesCook on Thu, 2006-07-13 12:05
Referenced CVEs:
CVE-2006-3458
Description:
===========================================================
Ubuntu Security Notice USN-317-1 July 13, 2006
zope2.8 vulnerability
CVE-2006-3458
===========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 5.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  zope2.8  2.8.1-5ubuntu0.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Zope did not deactivate the 'raw' command when exposing
reStructuredText functionality to untrusted users. A remote user
with the privilege of editing Zope web pages with reStructuredText
could exploit this to expose arbitrary files that can be read with the
privileges of the Zope server.
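
As an added example (not part of the advisory and not Zope or Ubuntu code), the following Python sketch audits stored reStructuredText page sources for 'raw' directives and flags those that pull content from outside the document. It assumes the docutils 'raw' directive options `:file:` and `:url:`, which the advisory does not name; the function name and sample text are constructed for illustration.

```python
import re

# Directive start, e.g. ".. raw:: html"; docutils lowercases directive names.
RAW_START = re.compile(r'^(?P<indent>\s*)\.\.\s+raw::\s*(?P<formats>.*)$', re.I)
# Directive option line, e.g. "   :file: something".
OPTION = re.compile(r'^\s+:(?P<name>[\w-]+):\s*(?P<value>.*)$')

# Constructed sample page source; the path is a placeholder.
SAMPLE = """\
Welcome
=======

.. raw:: html

   <hr class="sep">

.. RAW:: html
   :file: /path/to/placeholder.txt
   :encoding: utf-8
"""

def find_raw_directives(source):
    """Return one finding per 'raw' directive, with any :file:/:url: options."""
    findings, lines, i = [], source.splitlines(), 0
    while i < len(lines):
        m = RAW_START.match(lines[i])
        if not m:
            i += 1
            continue
        finding = {"line": i + 1, "formats": m.group("formats").split(), "external": {}}
        base = len(m.group("indent"))
        i += 1
        # Options follow the directive line directly, indented deeper than it.
        while i < len(lines):
            opt = OPTION.match(lines[i])
            indent = len(lines[i]) - len(lines[i].lstrip())
            if not opt or indent <= base:
                break
            if opt.group("name").lower() in ("file", "url"):
                finding["external"][opt.group("name").lower()] = opt.group("value").strip()
            i += 1
        findings.append(finding)
    return findings

if __name__ == "__main__":
    for f in find_raw_directives(SAMPLE):
        print(f)
```

The scan only locates content that is already stored, and it may also report directives quoted inside literal blocks. At render time, docutils provides the `raw_enabled` and `file_insertion_enabled` settings to switch the directive and its file reads off.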


