Zope 2.11.8 (2011/02/04)
Bugs fixed
- Prevent publication of acquired attributes, where the acquired
object does not have a docstring.
https://bugs.launchpad.net/zope2/+bug/713253/
Zope 2.11.7 (2010/09/01)
Bugs Fixed
- Prevent uncaught exceptions from killing ZServer worker threads.
https://bugs.launchpad.net/zope2/+bug/627988
- Ensure that mailhosts which share a queue directory do not double-
deliver mails, by sharing the thread which processes emails for
that directory. https://bugs.launchpad.net/zope2/+bug/574286
- Process "evil" JSON cookies which contain double quotes in violation
of RFC 2965 / 2616. https://bugs.launchpad.net/zope2/+bug/563229
- Ensure that Acquistion wrapper classes always have a ``__getnewargs__``
method, even if it is not provided by the underlying ExtensionClass.
- Fix the ``tp_name`` of the ImplicitAcquisitionWrapper and
ExplicitAcquisitionWrapper to match their Python visible names and thus
have a correct ``__name__``.
- Expand the ``tp_name`` of Acquisition's extension types to hold the
fully qualified name. This ensures classes have their ``__module__``
set correctly.
- Updated 'pytz' external to point to '2010b' version.
- Protect ZCTextIndex's clear method against storing Acquisition wrappers.
- LP #195761: fixed ZMI XML export / import.
- MailHost should fall back to HELO when EHLO fails.
Zope 2.11.6 (2010/01/12)
Bugs Fixed
- LP #491224: proper escaping of rendered error message
- Also look for ZEXP imports within the clienthome directory. This
provides a place to put imports that won't be clobbered by buildout
in a buildout-based Zope instance.
- LP #143444: add labels to checkboxes / radio buttons on import
/ export form.
- Fixed improper handling of IF_MODIFIED_SINCE header
inside Five/browser/resource.py
Zope 2.11.5 (2009/12/22)
Bugs Fixed
- LP #490514: preserve tainting when calling into DTML from ZPT.
- LP #360761 (backported from Acquisition trunk): fix iteration proxy
to pass `self` acquisition-wrapped into `__iter__` and `__getitem__`.
- LP #414757 (backported from Zope trunk): don't emit a IEndRequestEvent
when clearing a cloned request.
- updated to ZODB 3.8.4
Zope 2.11.4 (2009/08/06)
Restructuring
- Moved exception MountedStorageError from ZODB.POSExceptions
to Products.TemporaryFolder.mount (now its only client).
- LP #253362: Moved Zope2-specific module, ZODB/Mount.py, to
Products/TemporaryFolder/mount.py (its only client is
Products/TemporaryFolder/TemporaryFolder.py).
- Removed spurious import-time dependencies from
Products/ZODBMountPoint/MountedObject.py.
Bugs Fixed
- Fixed vulnerabilities in the ZEO network protocol
affecting ZEO storage servers.
Zope 2.11.3 (2009/05/04)
Features added
- SiteErrorLog now includes the entry id in the information copied to
the event log. This allowes you to correlate a user error report with
the event log after a restart, or let's you find the REQUEST
information in the SiteErrorLog when looking at a traceback in the
event log.
Restructuring
- Updated to match all new versions from the yet-unreleased Zope 3.4.1
release (`http://svn.zope.org/zope.release/branches/3.4/
releases/controlled-packages.cfg?rev=99659`).
- Updated to include all new versions from the final Zope 3.4.0 release
(http://download.zope.org/zope3.4/3.4.0/).
- Added 'InitializeClass' alias in 'App.class_init' to ease migration.
In Zope 2.12 it will be recommended to import 'InitializeClass' from
'App.class_init' instead of 'Globals'.
- Moved 'ApplicationDefaultPermissions' from 'App.class_init' to
'AccessControl.Permissions', in order to break an import cycle
in third-party code which avoids imports from 'Globals.' Left
the class importable from its old location without deprecation.
- configure script: setting ZOPE_VERS to '2.11'
- Products.PluginIndexes.PathIndex: backported doc fixes /
optimizations from trunk (and ExtendedPathIndex).
- Updated 'pytz' from '2007f' to '2008i'.
- Moved svn:externals for 'mechanize', 'ClientPath', and 'pytz' to
versions managed outside the Zope3 trunk.
- Testing.ZopeTestCase: Remove quota argument from DemoStorage calls in
preparation for ZODB 3.9.
Bugs Fixed
- Launchpad #373299: Removed bogus string exception in OFS.CopySupport.
- ZPublisher response.setBody: don't append Accept-Encoding to Vary
header if it is already present - this can make cache configuration
difficult. (merged 99493)
- Launchpad #267834: proper separation of HTTP header fields
using CRLF as requested by RFC 2616. (merged 90980, 92625)
- Launchpad #348223: optimize catalog query by breaking out early from
loop over indexes if the result set is already empty.
- "Permission tab": correct wrong form parameter for
the user-permission report
- Launchpad #290254, DateTime/DateTime.py:
added '__setstate__' to cope with old pickles missing a '_micros'
attribute; Python's pickling support was creating a new instance,
*with* a '_micros' attribute, but not clearing that attribute before
updating the instance dict with the unpickled state.
- Launchpad #332168, Shared/DC/RDBMS/Connection.py:
do not expose DB connection strings through exceptions
- Launchpad #324876: tighened regex for detecting the charset
from a meta-equiv header
- Launchpad #174705: ensure that the error info object exposed to a
'tal:on_error' handler has attributes visible to restricted code.
- Acquisition wrappers now correctly proxy __iter__.
Zope 2.11.2 (2008/10/24)
Bugs Fixed
* Ensure that response header values cannot embed CRLF pairs,
which violate the HTTP spec (RFC 2616).
* Launchpad #282677: fixed implementation of guarded_map and provided
tests and implementation for guarded_zip (RestrictedPython).
* updated to ZODB 3.8.1
* Lauchpad #143736,#271395: fixed AttributeError' on _ltid in TempStorage
* AccessControl.ZopeGuards.guarded_import mapped some Unauthorized
exceptions onto ImportErrors: don't do that! Also, removed mutable
defaults from argument list, improved tests.
* LP #281156: AccessControl.SecurityInfo.secureModule dropped
ModuleSecurity for failed imports, obscuring later attempts to import
the same broken module.
* DateTime conversion of datetime objects with non-pytz
tzinfo. Timezones() returns a copy of the timezone list (allows tests
to run). (Backport of r89373 from trunk).
* LP #253362: better dealing with malformed HTTP_ACCEPT_CHARSET headers
* integrated Hotfix-2008-08-12
* Launchpad #267545: DateTime(DateTime()) now preserves the correct hour
* Launchpad #262313: respect the Expand macros when editing flag when
editing a page template through the ZMI
Zope 2.11.1 (2008/07/17)
Bugs Fixed
- Suppressed DeprecationWarning during import of ZPublisher.Iterators:
that module needs to use Z2-style interfaces in 2.11, for BBB, but
the Interface module itself issues the warning on import.
- Launchpad #246748: added 'immediate' option to sendXXX() methods
for sending a mail immediately by-passing the zope.sendmail delivery
mechanism
- Launchpad #246290: fixed backward compatibility issue
- zope.testing : updated to 3.5.3
- Launchpad #245649: the Products package is now a proper
"namespace package" under the rules specified by setuptools.
- zope.viewlets: updated to 3.4.2
- zope.sendmail: updated to 3.5.0 (fixing Launchpad #230831)
- Launchpad #239636: Ensure that HEAD requests lock an empty body
for NotFound errors.
- fixed outdated transaction.commit(1) call in
ZODBMountPoint.SimpleTrailblazer
Some new features of Zope 2.11:
* ZODB 3.8 with blob support (binary large objects)
* Zope 3.4 integration
* transactional Mailhost implementation
* lots of minor improvements and fixes
For more information on what is new in this release, see the CHANGES.txt
files for the release:
http://www.zope.org/Products/Zope/2.11.0/CHANGES.txt
