[Zope-dev] cgi.py vulnerability = opera multipart handling
Dieter Maurer
dieter@handshake.de
Thu, 26 Jul 2001 21:16:48 +0200 (CEST)
Christian Theune writes:
> It seems that my longrunning-unanswered problem with Opera
> and Zope (see earlier Posts) is the same as the cgi.py
> problem.
>
> My Question: These Requests, that cause the DoS, are they
> malformed or valid?
>
> I need to know because if they are malformed, i have to blame
> the opera team, if they are valid, i have to blame someone
> at ZC to fix it otherwise.
Why do you want to blame someone?
Install the "cgi" fix and be happy if your problem disappears.
If not, we (mostly you) need to look further to find
the cause of your problem...
Remember, you did not pay 200.000 $ to get Zope....
Dieter