[Zope-Checkins] CVS: Zope/doc - CHANGES.txt:1.625.2.105
Brian Lloyd
brian at zope.com
Wed Jan 21 15:10:48 EST 2004
Update of /cvs-repository/Zope/doc
In directory cvs.zope.org:/tmp/cvs-serv2683/doc
Modified Files:
Tag: Zope-2_7-branch
CHANGES.txt
Log Message:
updated
=== Zope/doc/CHANGES.txt 1.625.2.104 => 1.625.2.105 ===
--- Zope/doc/CHANGES.txt:1.625.2.104 Tue Jan 20 15:36:22 2004
+++ Zope/doc/CHANGES.txt Wed Jan 21 15:10:46 2004
@@ -4,16 +4,29 @@
Change information for previous versions of Zope can be found in the
file HISTORY.txt.
- Next release
+ Zope 2.7.0 rc 2
Bugs Fixed
+ - One of the 2.6.3 fixes added a previously missing security check
+ when binding 'context' and 'container' to Python Scripts. Because
+ many existing scripts appear in containers that users cannot access,
+ this caused a lot of unauthorized errors in existing (mostly CMF)
+ sites, since 'container' is bound by default. The fix has been
+ adjusted so that an unauthorized is only raised if the bound name
+ is actually used in a script, making backward compatibility much
+ better.
+
+ - Collector #1154 / # 615: interaction with sessions could cause
+ the security context to be discarded, potentially breaking scripts
+ that depend on proxy roles.
+
- Stopped overriding the version of xmlrpclib in the Python
standard library. As of Python 2.3, the standard xmlrpclib now
includes all the features Zope needs, plus bugfixes and
integration with new Python types.
- Zope 2.7.0b5
+ Zope 2.7.0 rc1
Bugs Fixed
More information about the Zope-Checkins
mailing list