27023d95c0
Zope 2.11.8 (2011/02/04) Bugs fixed - Prevent publication of acquired attributes, where the acquired object does not have a docstring. https://bugs.launchpad.net/zope2/+bug/713253/ Zope 2.11.7 (2010/09/01) Bugs Fixed - Prevent uncaught exceptions from killing ZServer worker threads. https://bugs.launchpad.net/zope2/+bug/627988 - Ensure that mailhosts which share a queue directory do not double- deliver mails, by sharing the thread which processes emails for that directory. https://bugs.launchpad.net/zope2/+bug/574286 - Process "evil" JSON cookies which contain double quotes in violation of RFC 2965 / 2616. https://bugs.launchpad.net/zope2/+bug/563229 - Ensure that Acquistion wrapper classes always have a ``__getnewargs__`` method, even if it is not provided by the underlying ExtensionClass. - Fix the ``tp_name`` of the ImplicitAcquisitionWrapper and ExplicitAcquisitionWrapper to match their Python visible names and thus have a correct ``__name__``. - Expand the ``tp_name`` of Acquisition's extension types to hold the fully qualified name. This ensures classes have their ``__module__`` set correctly. - Updated 'pytz' external to point to '2010b' version. - Protect ZCTextIndex's clear method against storing Acquisition wrappers. - LP #195761: fixed ZMI XML export / import. - MailHost should fall back to HELO when EHLO fails. Zope 2.11.6 (2010/01/12) Bugs Fixed - LP #491224: proper escaping of rendered error message - Also look for ZEXP imports within the clienthome directory. This provides a place to put imports that won't be clobbered by buildout in a buildout-based Zope instance. - LP #143444: add labels to checkboxes / radio buttons on import / export form. - Fixed improper handling of IF_MODIFIED_SINCE header inside Five/browser/resource.py Zope 2.11.5 (2009/12/22) Bugs Fixed - LP #490514: preserve tainting when calling into DTML from ZPT. - LP #360761 (backported from Acquisition trunk): fix iteration proxy to pass `self` acquisition-wrapped into `__iter__` and `__getitem__`. - LP #414757 (backported from Zope trunk): don't emit a IEndRequestEvent when clearing a cloned request. - updated to ZODB 3.8.4 Zope 2.11.4 (2009/08/06) Restructuring - Moved exception MountedStorageError from ZODB.POSExceptions to Products.TemporaryFolder.mount (now its only client). - LP #253362: Moved Zope2-specific module, ZODB/Mount.py, to Products/TemporaryFolder/mount.py (its only client is Products/TemporaryFolder/TemporaryFolder.py). - Removed spurious import-time dependencies from Products/ZODBMountPoint/MountedObject.py. Bugs Fixed - Fixed vulnerabilities in the ZEO network protocol affecting ZEO storage servers. Zope 2.11.3 (2009/05/04) Features added - SiteErrorLog now includes the entry id in the information copied to the event log. This allowes you to correlate a user error report with the event log after a restart, or let's you find the REQUEST information in the SiteErrorLog when looking at a traceback in the event log. Restructuring - Updated to match all new versions from the yet-unreleased Zope 3.4.1 release (`http://svn.zope.org/zope.release/branches/3.4/ releases/controlled-packages.cfg?rev=99659`). - Updated to include all new versions from the final Zope 3.4.0 release (http://download.zope.org/zope3.4/3.4.0/). - Added 'InitializeClass' alias in 'App.class_init' to ease migration. In Zope 2.12 it will be recommended to import 'InitializeClass' from 'App.class_init' instead of 'Globals'. - Moved 'ApplicationDefaultPermissions' from 'App.class_init' to 'AccessControl.Permissions', in order to break an import cycle in third-party code which avoids imports from 'Globals.' Left the class importable from its old location without deprecation. - configure script: setting ZOPE_VERS to '2.11' - Products.PluginIndexes.PathIndex: backported doc fixes / optimizations from trunk (and ExtendedPathIndex). - Updated 'pytz' from '2007f' to '2008i'. - Moved svn:externals for 'mechanize', 'ClientPath', and 'pytz' to versions managed outside the Zope3 trunk. - Testing.ZopeTestCase: Remove quota argument from DemoStorage calls in preparation for ZODB 3.9. Bugs Fixed - Launchpad #373299: Removed bogus string exception in OFS.CopySupport. - ZPublisher response.setBody: don't append Accept-Encoding to Vary header if it is already present - this can make cache configuration difficult. (merged 99493) - Launchpad #267834: proper separation of HTTP header fields using CRLF as requested by RFC 2616. (merged 90980, 92625) - Launchpad #348223: optimize catalog query by breaking out early from loop over indexes if the result set is already empty. - "Permission tab": correct wrong form parameter for the user-permission report - Launchpad #290254, DateTime/DateTime.py: added '__setstate__' to cope with old pickles missing a '_micros' attribute; Python's pickling support was creating a new instance, *with* a '_micros' attribute, but not clearing that attribute before updating the instance dict with the unpickled state. - Launchpad #332168, Shared/DC/RDBMS/Connection.py: do not expose DB connection strings through exceptions - Launchpad #324876: tighened regex for detecting the charset from a meta-equiv header - Launchpad #174705: ensure that the error info object exposed to a 'tal:on_error' handler has attributes visible to restricted code. - Acquisition wrappers now correctly proxy __iter__. |
||
---|---|---|
.. | ||
files | ||
Makefile.common | ||
product.mk | ||
replace.mk | ||
zopeversion.mk |