[Zope-dev] Resolved security-related collector issues for the
public?
Maik Jablonski
maik.jablonski at uni-bielefeld.de
Wed Jan 21 15:20:32 EST 2004
Hi,
there were several security-related fixes in the collector (and the
collector-mailing-list) in the last days. Normaly security-related stuff is
not visible for the public... and this seems to be good to avoid exploits
etc.
Lots of security-stuff is fixed now, but I don't think that all people will
migrate their servers as soon as possible (due to limited time, the
experience of the Zope-2.6.3-"desaster", vacations, etc.pp.).
With all the mentioned security-exploits in the collector out there, the
probability of attacks will rise. And I don't think that this will shed a
"good light" on Zope.
My proposal: Can we have a delay for making security-related fixes public?
Just a month or two or so...
Cheers, Maik
More information about the Zope-Dev
mailing list