It seems that Debian, on Agoust, made a security update on zope2.10, zope2.11 and zope-common.
zope2.10 (this package)
zope2.11 (2.11.4-1) unstable; urgency=high
* New upstream release, fixes two vulnerabilities in the ZEO network
protocol: CVE-2009-0668 and CVE-2009-0669. (closes: #540463)
* Add support to start a particular instance to initscript.
* Bump pre-depends on zope-common to 0.5.49 and build-depends on debhelper
to 0.3.14 to use invoke-rc.d in maintainer scripts. (closes: #540158)
* Set urgency=high as this upload fixes two serious bugs.
-- Jonas Meurer <email address hidden> Sun, 09 Aug 2009 16:00:28 +0200
zope-common (0.5.49) unstable; urgency=high
* add zope2.12 to known zope releases in dzhandle.
* bump standards-version to 3.8.2, noch changes needed.
* bump debhelper compat level to 6.
* add russian debconf translation, thanks to Yuri Kozlov. (closes: #539466)
* add spanish debconf translation, thanks to Fernando González de Requena.
(closes: #539588)
* use 'invoke-rc.d zopeZVER restart INSTANCE=<name>' to restart pending zope
instances in DZRestartPendingInstances.run().
* add Breaks: zope2.7, zope2.8, zope2.9, zope2.10 (<< 2.10.9), zope2.11
(<< 2.11.4) for that reason.
* set urgency=high for that reason.
-- Jonas Meurer <email address hidden> Mon, 10 Aug 2009 14:44:40 +0200
Ubuntu, on karmic, synced only zope2.10 breaking the dependences on zope-common, this bug report.
For lucid I suggest a sync/merge with upstream.
For karmic?
A SRU with the right dependences closes this bug, but doesn't solve the bug mentioned on changelog.
It seems that Debian, on Agoust, made a security update on zope2.10, zope2.11 and zope-common.
zope2.10 (this package)
zope2.11 (2.11.4-1) unstable; urgency=high
* New upstream release, fixes two vulnerabilities in the ZEO network
protocol: CVE-2009-0668 and CVE-2009-0669. (closes: #540463)
* Add support to start a particular instance to initscript.
* Bump pre-depends on zope-common to 0.5.49 and build-depends on debhelper
to 0.3.14 to use invoke-rc.d in maintainer scripts. (closes: #540158)
* Set urgency=high as this upload fixes two serious bugs.
-- Jonas Meurer <email address hidden> Sun, 09 Aug 2009 16:00:28 +0200
zope-common (0.5.49) unstable; urgency=high
* add zope2.12 to known zope releases in dzhandle. gInstances. run().
* bump standards-version to 3.8.2, noch changes needed.
* bump debhelper compat level to 6.
* add russian debconf translation, thanks to Yuri Kozlov. (closes: #539466)
* add spanish debconf translation, thanks to Fernando González de Requena.
(closes: #539588)
* use 'invoke-rc.d zopeZVER restart INSTANCE=<name>' to restart pending zope
instances in DZRestartPendin
* add Breaks: zope2.7, zope2.8, zope2.9, zope2.10 (<< 2.10.9), zope2.11
(<< 2.11.4) for that reason.
* set urgency=high for that reason.
-- Jonas Meurer <email address hidden> Mon, 10 Aug 2009 14:44:40 +0200
Ubuntu, on karmic, synced only zope2.10 breaking the dependences on zope-common, this bug report.
For lucid I suggest a sync/merge with upstream.
For karmic?
A SRU with the right dependences closes this bug, but doesn't solve the bug mentioned on changelog.
How we proceed in this case?