[Zope-CMF] CMF security patches in Products.PloneHotfix20121106
Jens Vagelpohl
jens at dataflake.org
Fri Nov 9 16:02:13 UTC 2012
Hi all,
I don't recall any information being provided to the CMF developers about CMF fixes in the most recent Plone Hotfix:
http://plone.org/products/plone-hotfix/releases/20121106
For example, there's a monkey patch to make sure getToolByName only returns valid tool objects and nothing else, see the attached file.
I'm not sure if there's an oversight of not forwarding this information to us or if it was determined this fix is not relevant for the CMF. Would any list member who also works on Plone have an insight?
Thanks!
jens
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gtbn.py
Type: text/x-python-script
Size: 1121 bytes
Desc: not available
URL: <http://mail.zope.org/pipermail/zope-cmf/attachments/20121109/bc57d482/attachment.bin>
-------------- next part --------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4322 bytes
Desc: not available
URL: <http://mail.zope.org/pipermail/zope-cmf/attachments/20121109/bc57d482/attachment.p7s>
More information about the Zope-CMF
mailing list