A security issue affects the following Ubuntu releases:
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 5.10: zope2.8 2.8.1-5ubuntu0.2
In general, a standard system upgrade is sufficient to effect the necessary changes.
Zope did not deactivate the 'raw' command when exposing RestructuredText functionalities to untrusted users. A remote user with the privilege of editing Zope webpages with RestructuredText could exploit this to expose arbitrary files that can be read with the privileges of the Zope server.