Debian Security Advisory DSA 1113-1 (zope2.7)

Summary
The remote host is missing an update to zope2.7 announced via advisory DSA 1113-1. It was discovered that the Zope web application server allows read access to arbitrary pages on the server, if a user has the privilege to edit restructured text pages.
Solution
For the stable distribution (sarge) this problem has been fixed in version 2.7.5-2sarge2. The unstable distribution (sid) does no longer contain Zope 2.7 packages. We recommend that you upgrade your zope2.7 package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201113-1