Search results
21 results
Sort by:
Plone 3.3.4 released
Plone 3.3 has a new maintenance release available, and you should upgrade to fix a potential security issue with Zope, and to make your site load faster.
Hotfix for Zope Security Issue Affecting Versions of Plone 4 Has Been Released
A code fix for a vulnerability in Zope 2.12.x and Zope 2.13.x that allows execution of arbitrary code by anonymous users affecting versions of Plone 4 is now available.
Plone Security Vulnerabilities and Fix Announced
On June 2nd, the Plone Security Team announced three security vulnerabilities in the Plone CMS, and released a Hotfix to eliminate the risk of them being exploited.
PloneFormGen vulnerability requires immediate upgrade
PloneFormGen, a widely used response-form-creation add-on for the Plone Content Management System, has been discovered to have a serious vulnerability that allows an anonymous attacker to execute arbitrary code with the privileges of the system user running the server.
Plone 20131210 Hotfix Released
The Plone Security team has released the first of its 4-monthly hotfixes.
Hotfix Posted for security vulnerability 20130618
Users of Plone 4.3, Plone 4.2, Plone 4.1, Plone 4, Plone 3, Plone 2.5 and Plone 2.1 should immediately apply this hotfix.
Plone Website Accounts Safe from Heartbleed
The plone.org website is safe from the Heartbleed bug and, as such, plone.org passwords have not been disclosed.
URGENT / ACTION REQUIRED Plone security vulnerability, hotfix 20150910
HotFix for Plone sites (all versions) with self-registration enabled
Security patch released: 20160419
Hotfix to patch various vulnerabilities
Minor Plone Security Fixes
The Plone Security Team has released new versions of several packages. These new versions remedy several security-related issues, none of which were significant enough to warrant a full security hotfix.
Plone's Outstanding Security Track Record
No credible report of a serious vulnerability in Plone being exploited in the wild. – published Jan 04, 2017 10:05 PM UTC, last modified Jan 05, 2017 03:26 PM UTC
Security patch 20210518 version 1.4 released
Version 1.4 of the hotfix to patch various vulnerabilities. This hotfix is recommended for Plone 4.3, 5.0, 5.1 and 5.2.
Security patch 20210518 version 1.5 released
Version 1.5 of the hotfix to patch various vulnerabilities. This hotfix is recommended for Plone 4.3, 5.0, 5.1 and 5.2.
Security vulnerability pre-announcement: 20210518
Hotfix to patch various vulnerabilities. This hotfix is recommended for Plone 4.3, 5.0, 5.1 and 5.2.
Security patch released 20210518
Hotfix to patch various vulnerabilities. This hotfix is recommended for Plone 4.3, 5.0, 5.1 and 5.2.
Plone 6
Plone 6 - secure, solid and easy to use. Content management for the users.
Security: Potential mail header vulnerability
Plone 2.0 has a bug that makes it potentially possible to insert extra headers in mail via the Send To form.
Zope Hotfix Installers Released
Thanks to the folks at Enfold Systems and Kamal Gill, users of the Plone installers now have a simple method of applying the recent Zope hotfix.
Urgent Zope Security Hotfix (CVE-2006-3458)
A patch has been created for an Zope vulnerability which affects Plone. Please download and install it.
Security: Zope 2.8 hotfix released
If you are still running Zope 2.8.x on your servers, a new potential information disclosure exploit was recently discovered and fixed.
Plone Security Advisory: Password Reset Tool
A potential security vulnerability was discovered as part of the recent security audit done in preparation for the 2.5.1 release. Any site running Plone 2.5 should upgrade to the latest version of Password Reset Tool. Plone 2.1.x and 2.0.x are not affected.