Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Zope: Coders

TAL Hotfix 2004-07-14 for Zope 2.7.0, 2.7.1

 

 

Zope coders RSS feed   Index | Next | Previous | View Threaded


fred at zope

Jul 14, 2004, 9:26 AM

Post #1 of 1 (844 views)
Permalink
TAL Hotfix 2004-07-14 for Zope 2.7.0, 2.7.1

This hotfix product fixes a security bug in Page Templates. This fix
ensures that values substituted in named slots in translated elements
are properly encoded. If encoding is not desired and the source of
the replacement text is trusted, the "structure" modifier can be used
with the tal:content or tal:replace attribute to explicitly disable
encoding.


Affected Versions

This fix applies to Zope 2.7.0 and 2.7.1. Zope versions 2.7.2 and
newer already contain this fix, and do not require this hotfix.

This fix also obsoletes 'Hotfix_20040713', so that should be
uninstalled when this hotfix is installed. See the README.txt
file provided with 'Hotfix_20040713' for instructions on
removing that hotfix.


Getting the Hotfix

You can download the hotfix at:
http://zope.org/Products/Zope/Hotfix_2004-07-14/Zope%202.7.0%20-%202.7.1/

The product contains a README.txt file with installation
instructions.


-Fred

--
Fred L. Drake, Jr. <fred at zope.com>
Zope Corporation


_______________________________________________
Zope-Coders mailing list
Zope-Coders [at] zope
http://mail.zope.org/mailman/listinfo/zope-coders

Zope coders RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.