[Zope-Annce] TAL Hotfix 2004-07-13 for Zope 2.7.0, 2.7.1

Fred Drake fred at zope.com
Tue Jul 13 11:41:58 EDT 2004

This hotfix product fixes a security bug in Page Templates.  This fix
ensures that values substituted in named slots in translated elements
are properly encoded.  If encoding is not desired and the source of
the replacement text is trusted, the "structure" modifier can be used
with the tal:content or tal:replace attribute to explicitly disable

Affected Versions

  This fix applies to Zope 2.7.0 and 2.7.1.  Zope versions 2.7.2 and
  newer already contain this fix, and do not require this hotfix.

Getting the Hotfix

  You can download the hotfix at:

  The product contains a README.txt file with installation


Fred L. Drake, Jr.  <fred at zope.com>
Zope Corporation

More information about the Zope-Announce mailing list