Hi! Normally I do not comment on security patches for Zope because they fix very minor issues. The recent patch announced on http://www.zope.org/Products/Zope/Hotfix_2001-07-25/security_alert is different. We tested the exploit script provided at sourceforge, and it immediately pushed any of our servers we tested it on to > 90% system load. With two or three calls of the script, any Zope server (including all other services running on the server) can be brought to a halt. So please take care of your servers! The exploit is posted with the bug report, and anybody who nows how to copy&paste and start a python script can use it to stop any Zope server in the world that is unprotected. Moreover, there seems to be an Opera bug that has the same effect ... Cheers iuveno AG Joachim Werner CEO