Updated Zope packages are available which fix a number of security issues
Zope is a python-based application server. A number of security hotfixes have been made available for Zope: The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers. (CAN-2002-0687) ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes. (CAN-2002-0688) Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration. (CAN-2002-0170) Users should upgrade to these errata packages that have the Zope Hotfixes 2002-03-01, 2002-04-15, and 2002-06-14 applied, and are therefore not vulnerable to these issues.