[Zope] Zope and security vulnerability: 20121106
johannes raggam
raggam-nl at adm.at
Tue Nov 13 10:30:10 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
it was overseen.
quoting David Glick on [Zope-CMF] from 9-11-2012:
"""
We should have informed you earlier. There are a lot of tasks
associated with preparing a hotfix (and this one in particular covered
many vulnerabilities), and it got missed. I apologize.
In the future, what's the best place to report possible CMF security
issues? zope-cmf Launchpad?
"""
On 11/13/2012 10:30 AM, Jens Vagelpohl wrote:
>
> On Nov 13, 2012, at 10:16 , Jürgen Herrmann
> <Juergen.Herrmann at XLhost.de> wrote:
>> I successfully applied these hotfixes to Zope 2.13 versions
>> without any problems. What puzzles me though is why was there no
>> announcement for theses fixes here on zope ml? Or are these fixes
>> not critical for pure Zope2 users? Or are these all fixed in the
>> latest version of Zope2?
>
> There was no announcement here because those patches were prepared
> by Plone developers without our knowledge and announced without our
> knowledge. The Zope developers know as much about these patches
> (meaning little to nothing) as any other Zope user.
>
> jens
>
>
>
>
> _______________________________________________ Zope maillist -
> Zope at zope.org https://mail.zope.org/mailman/listinfo/zope ** No
> cross posts or HTML encoding! ** (Related lists -
> https://mail.zope.org/mailman/listinfo/zope-announce
> https://mail.zope.org/mailman/listinfo/zope-dev )
>
- --
programmatic web development
di(fh) johannes raggam / thet
python plone zope development
mail: office at programmatic.pro
web: http://programmatic.pro
http://bluedynamics.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iEYEARECAAYFAlCiITIACgkQW4mNMQxDgAcF9wCfcPZIoMnXwVR62lEjZhoqOi6W
1ugAnRSO9u05s/s3jTz/hiwbUflgVT2L
=q6NB
-----END PGP SIGNATURE-----
More information about the Zope
mailing list