On Thu, Oct 8, 2009 at 5:15 PM, John Murphy <jackie@zope.com> wrote:

We recently were bit by a segfault bug in zope.security (https://bugs.launchpad.net/zope3/+bug/181833) when migrating an application from Python 2.4 to 2.6.  The newest zope.security (3.7.1, http://pypi.python.org/pypi/zope.security/3.7.1#id1) has a fix for the bug.

We noticed that the KGS 3.4.0b2 uses zope.security 3.4.0 and KGS 3.5dev uses zope.security 3.6.0, both of which are vulnerable to this bug.  It would be great if the fixed version was incorporated into the KGS soon, as segfaults during garbage collection are pretty serious -- not to mention tough to track down :)

I think you will need to update your own application specific version set. The Zope 3 KGS is currently unmaintained. The future of the Zope 3 project is currently unknown. The last release has been eight months ago and there is currently no active maintenance going on. Sorry, Hanno

On Thursday 08 October 2009, John Murphy wrote:

We noticed that the KGS 3.4.0b2 uses zope.security 3.4.0 and KGS 3.5dev uses zope.security 3.6.0, both of which are vulnerable to this bug. It would be great if the fixed version was incorporated into the KGS soon, as segfaults during garbage collection are pretty serious -- not to mention tough to track down :)

Please note that Zope 3.4 only supports Python 2.5. Once the ZTK story is worked out, I will create a new way to create another Zope 3 release (Or what ever I have to name it sigh). Regards, Stephan -- Entrepreneur and Software Geek Google me. "Zope Stephan Richter"