Personal tools
You are here: Home Members kedai's Home zope 2.6.3, zope 2.7.0b4 and the need for upgrade
« March 2018 »
Sun Mon Tue Wed Thu Fri Sat
1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
Log in

Forgot your password?
Who - kedai (a) kedai . com . my
Where - Malaysia
What - we do zope/plone, linux solution for network, vpn, mail, etc
Document Actions

zope 2.6.3, zope 2.7.0b4 and the need for upgrade

by kedai last modified Jan. 09, 04 10:54 PM

It was announced that all zope sites prior to versions 2.6.3 and 2.7.0b4 need to update.

ZC did an audit and came up with plenty of issues. There is no way that any zope sites not upgrade.

Among the reasons to upgrade:

  • i doubt that there exist a site that does not make use of Script (Python)
  • xml-rpc marshalling exposing private methods (__some_method__)
  • sites that have untrusted codes must upgrade, methinks
  • some xss vulnerability in default ZSearch Interface codes for browsers that do not encode html entity (e.g. ie 5.5)

one thing that's not clear is whether python 2.3.3 is now needed to run zope? well, we'll find out soon, i guess.

also, i noticed that zope2.7.0b4 was mentioned in the announce, but it's not yet there at

use cvs?

Powered by Plone, the Open Source Content Management System

This site conforms to the following standards: