8 Dec
2000
8 Dec
'00
10:38 p.m.
Andrew Kuchling wrote:
On Fri, Dec 08, 2000 at 03:48:52PM -0500, Brian Lloyd wrote:
The hotfix will work for all versions of Zope 2.2.0 and higher. A future version of Zope will contain the fix for this issue, and you will be able to uninstall the hot fix after upgrading.
A slight modification to the patch makes it work (meaning, "run without raising an exception") on Zope 2.1.6; patch below. Can someone at DC confirm that this patched version fixes the problem for 2.1.x and doesn't break anything else? (If you want to privately send me an exploit, that would be quite helpful.)
AFAICT 2.1.6 is not vulnerable. Shane