==========================================================Ubuntu Security Notice USN-229-1 December 13, 2005
A security issue affects the following Ubuntu releases:
Ubuntu 5.10 (Breezy Badger)
The following packages are affected:
The problem can be corrected by upgrading the affected package to
version 2.8.1-5ubuntu0.1. In general, a standard system upgrade is
sufficient to effect the necessary changes.
Zope did not deactivate the file inclusion feature when exposing
RestructuredText functionalities to untrusted users. A remote user
with the privilege of editing Zope webpages with RestructuredText
could exploit this to expose arbitrary files that can be read with the
privileges of the Zope server, or execute arbitrary Zope code.