Zope 2.11.8 (2011/02/04)
Bugs fixed
- Prevent publication of acquired attributes, where the acquired
object does not have a docstring.
https://bugs.launchpad.net/zope2/+bug/713253/
Zope 2.11.7 (2010/09/01)
Bugs Fixed
- Prevent uncaught exceptions from killing ZServer worker threads.
https://bugs.launchpad.net/zope2/+bug/627988
- Ensure that mailhosts which share a queue directory do not double-
deliver mails, by sharing the thread which processes emails for
that directory. https://bugs.launchpad.net/zope2/+bug/574286
- Process "evil" JSON cookies which contain double quotes in violation
of RFC 2965 / 2616. https://bugs.launchpad.net/zope2/+bug/563229
- Ensure that Acquistion wrapper classes always have a ``__getnewargs__``
method, even if it is not provided by the underlying ExtensionClass.
- Fix the ``tp_name`` of the ImplicitAcquisitionWrapper and
ExplicitAcquisitionWrapper to match their Python visible names and thus
have a correct ``__name__``.
- Expand the ``tp_name`` of Acquisition's extension types to hold the
fully qualified name. This ensures classes have their ``__module__``
set correctly.
- Updated 'pytz' external to point to '2010b' version.
- Protect ZCTextIndex's clear method against storing Acquisition wrappers.
- LP #195761: fixed ZMI XML export / import.
- MailHost should fall back to HELO when EHLO fails.
Zope 2.11.6 (2010/01/12)
Bugs Fixed
- LP #491224: proper escaping of rendered error message
- Also look for ZEXP imports within the clienthome directory. This
provides a place to put imports that won't be clobbered by buildout
in a buildout-based Zope instance.
- LP #143444: add labels to checkboxes / radio buttons on import
/ export form.
- Fixed improper handling of IF_MODIFIED_SINCE header
inside Five/browser/resource.py
Zope 2.11.5 (2009/12/22)
Bugs Fixed
- LP #490514: preserve tainting when calling into DTML from ZPT.
- LP #360761 (backported from Acquisition trunk): fix iteration proxy
to pass `self` acquisition-wrapped into `__iter__` and `__getitem__`.
- LP #414757 (backported from Zope trunk): don't emit a IEndRequestEvent
when clearing a cloned request.
- updated to ZODB 3.8.4
Zope 2.11.4 (2009/08/06)
Restructuring
- Moved exception MountedStorageError from ZODB.POSExceptions
to Products.TemporaryFolder.mount (now its only client).
- LP #253362: Moved Zope2-specific module, ZODB/Mount.py, to
Products/TemporaryFolder/mount.py (its only client is
Products/TemporaryFolder/TemporaryFolder.py).
- Removed spurious import-time dependencies from
Products/ZODBMountPoint/MountedObject.py.
Bugs Fixed
- Fixed vulnerabilities in the ZEO network protocol
affecting ZEO storage servers.
Zope 2.11.3 (2009/05/04)
Features added
- SiteErrorLog now includes the entry id in the information copied to
the event log. This allowes you to correlate a user error report with
the event log after a restart, or let's you find the REQUEST
information in the SiteErrorLog when looking at a traceback in the
event log.
Restructuring
- Updated to match all new versions from the yet-unreleased Zope 3.4.1
release (`http://svn.zope.org/zope.release/branches/3.4/
releases/controlled-packages.cfg?rev=99659`).
- Updated to include all new versions from the final Zope 3.4.0 release
(http://download.zope.org/zope3.4/3.4.0/).
- Added 'InitializeClass' alias in 'App.class_init' to ease migration.
In Zope 2.12 it will be recommended to import 'InitializeClass' from
'App.class_init' instead of 'Globals'.
- Moved 'ApplicationDefaultPermissions' from 'App.class_init' to
'AccessControl.Permissions', in order to break an import cycle
in third-party code which avoids imports from 'Globals.' Left
the class importable from its old location without deprecation.
- configure script: setting ZOPE_VERS to '2.11'
- Products.PluginIndexes.PathIndex: backported doc fixes /
optimizations from trunk (and ExtendedPathIndex).
- Updated 'pytz' from '2007f' to '2008i'.
- Moved svn:externals for 'mechanize', 'ClientPath', and 'pytz' to
versions managed outside the Zope3 trunk.
- Testing.ZopeTestCase: Remove quota argument from DemoStorage calls in
preparation for ZODB 3.9.
Bugs Fixed
- Launchpad #373299: Removed bogus string exception in OFS.CopySupport.
- ZPublisher response.setBody: don't append Accept-Encoding to Vary
header if it is already present - this can make cache configuration
difficult. (merged 99493)
- Launchpad #267834: proper separation of HTTP header fields
using CRLF as requested by RFC 2616. (merged 90980, 92625)
- Launchpad #348223: optimize catalog query by breaking out early from
loop over indexes if the result set is already empty.
- "Permission tab": correct wrong form parameter for
the user-permission report
- Launchpad #290254, DateTime/DateTime.py:
added '__setstate__' to cope with old pickles missing a '_micros'
attribute; Python's pickling support was creating a new instance,
*with* a '_micros' attribute, but not clearing that attribute before
updating the instance dict with the unpickled state.
- Launchpad #332168, Shared/DC/RDBMS/Connection.py:
do not expose DB connection strings through exceptions
- Launchpad #324876: tighened regex for detecting the charset
from a meta-equiv header
- Launchpad #174705: ensure that the error info object exposed to a
'tal:on_error' handler has attributes visible to restricted code.
- Acquisition wrappers now correctly proxy __iter__.
27023d95c0