[Zope-Checkins] CVS: Zope/doc - CHANGES.txt:1.535.2.155
Tres Seaver
tseaver at zope.com
Thu Jan 8 15:32:51 EST 2004
Update of /cvs-repository/Zope/doc
In directory cvs.zope.org:/tmp/cvs-serv734/doc
Modified Files:
Tag: Zope-2_6-branch
CHANGES.txt
Log Message:
- Some property types were stored in a mutable data type (list) which
could potentially allow untrusted code to effect changes on those
properties without going through appropriate security checks in
particular scenarios.
=== Zope/doc/CHANGES.txt 1.535.2.154 => 1.535.2.155 ===
--- Zope/doc/CHANGES.txt:1.535.2.154 Thu Jan 8 15:26:27 2004
+++ Zope/doc/CHANGES.txt Thu Jan 8 15:32:20 2004
@@ -8,6 +8,11 @@
Bugs Fixed
+ - Some property types were stored in a mutable data type (list) which
+ could potentially allow untrusted code to effect changes on those
+ properties without going through appropriate security checks in
+ particular scenarios.
+
- Inadequate type checking could allow unicode values passed to
RESPONSE.write() to be passed into deeper layers of asyncore,
where an exception would eventually be generated at a level that
More information about the Zope-Checkins
mailing list