[Zope-dev] Re: Was: Re: 2.7.3 beta attribute permission problems
Tres Seaver
tseaver at zope.com
Fri Oct 22 08:38:07 EDT 2004
Andreas Jung wrote:
> how severe is the problem that you have fixed? According to some
> rumors the fix seems to break applications. The question for Zope
> 2.7.3 final is: is the problem severe enough to have it fixed for
> 2.7.3 with the risk of causing trouble with broken applications or
> can we defer the fix to Zope 2.8?
-1.
I have yet to get a reproducible test case (one which breaks on 2.7-head
but works on 2.7.2) from the examples folks have supplied. The bug
which I was fixing is a security issue, reported against CMF, but also
affecting Zope: http://zope.org/Collectors/CMF/259
Given that the change was required to implement a security fix, and
without a reproducible test case for the reported breakage, I don't
think we can credit the rumors. We *definitely* don't want to defer the
security fix.
I will ask Jim to review this with me today.
Tres.
--
===============================================================
Tres Seaver tseaver at zope.com
Zope Corporation "Zope Dealers" http://www.zope.com
More information about the Zope-Dev
mailing list