So, to clarify, does this affect plain Zope 2.10, no Plone?

Rich
On 12/11/12 12:02, johannes raggam wrote: 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The affected versions go back a long time. I don't know it exactly,
but people have used it successfully with Plone 2.1 (from ancient
times) and I have patched Zope 2.8 instances too.


On 11/11/2012 09:43 PM, Allen Schmidt wrote:

For which zope versions?

On Nov 11, 2012 2:16 PM, "johannes raggam" <raggam-nl@adm.at 
<mailto:raggam-nl@adm.at>> wrote:

You can just apply the Plone hotfix for Zope only installations.
The Plone patches are not applied then.

Johannes

On 11/11/2012 06:32 PM, Marcus Schopen wrote:

Hi,


        

          
is a standard Zope affected by this security vulnerability or
only if Plone is installed:


        

        

http://plone.org/products/plone/security/advisories/20121106-announcement




        

          
The patch is replacing some basic classes therefore it looks to
me that Zope itself without any Plone is vulnerable too. If so
is there a Hotfix for Zope or new Zope version which fixes these 
bugs?


        

        

        

          
Ciao Marcus


        

        



        

          
_______________________________________________ Zope maillist  - 
Zope@zope.org <mailto:Zope@zope.org>


        

        
https://mail.zope.org/mailman/listinfo/zope **   No


        

          
cross posts or HTML encoding!  ** (Related lists - 
https://mail.zope.org/mailman/listinfo/zope-announce 
https://mail.zope.org/mailman/listinfo/zope-dev )


        

        


_______________________________________________ Zope maillist  -
Zope@zope.org <mailto:Zope@zope.org> 
https://mail.zope.org/mailman/listinfo/zope **   No cross posts or
HTML encoding!  ** (Related lists - 
https://mail.zope.org/mailman/listinfo/zope-announce 
https://mail.zope.org/mailman/listinfo/zope-dev )



      

      
- -- 
programmatic  web development
di(fh) johannes raggam / thet
python plone zope development
mail: office@programmatic.pro
web:  http://programmatic.pro
      http://bluedynamics.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlCg5WkACgkQW4mNMQxDgAfsyACgvbuoNO8ocpordzJmbH3X0OA2
gCsAnAkFNozMy1TRGWTKQjaYQgzLIisM
=DpGn
-----END PGP SIGNATURE-----
_______________________________________________
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope-dev )