CVE-2007-5741: Unsafe data interpreted as pickles
This issue has been assigned CVE-2007-5741.
- Plone 2.5 up to and including 2.5.4
- Plone 3.0 up to and including 3.0.2
These fixes will be included in the 2.5.5 and 3.0.3 releases, at which point this hotfix can be removed.
Installing the hotfix
If an updated Plone is not released by the time you read this, or you can not upgrade your Plone, you can install Plone Hotfix 2007-11-06. The hotfix can be installed as a normal Zope product:
- Extract it in the Products directory of your Zope instance
- Restart Zope
- Verify that the hotfix is listed in the product management page in the Zope Control Panel