Log message for revision 89701:
removed empty line
Changed:
_U Zope/branches/2.11/lib/python/zope/app/
-=-
Property changes on: Zope/branches/2.11/lib/python/zope/app
___
Name: svn:externals
- annotation
Log message for revision 89723:
- Launchpad #257269: 'raise SystemExit' with a PythonScript could shutdown
a complete Zope instance
Changed:
U Zope/trunk/doc/CHANGES.txt
U Zope/trunk/lib/python/Products/PythonScripts/PythonScript.py
U
Log message for revision 89727:
Monkey patch for LP #257276
This code is taken from the encodings module of Python 2.4.
Note that this code is originally (C) CNRI and it is possibly not compatible
with the ZPL and therefore should not live within svn.zope.org. However this
checkin is
Log message for revision 89731:
added
Changed:
A Zope/hotfixes/Hotfix_20080812/__init__.py
-=-
Added: Zope/hotfixes/Hotfix_20080812/__init__.py
===
--- Zope/hotfixes/Hotfix_20080812/__init__.py
Log message for revision 89732:
addedc
Changed:
U Zope/hotfixes/Hotfix_20080812/__init__.py
A Zope/hotfixes/Hotfix_20080812/version.txt
-=-
Modified: Zope/hotfixes/Hotfix_20080812/__init__.py
===
---
Log message for revision 89733:
fixes
Changed:
U Zope/hotfixes/Hotfix_20080812/__init__.py
-=-
Modified: Zope/hotfixes/Hotfix_20080812/__init__.py
===
--- Zope/hotfixes/Hotfix_20080812/__init__.py 2008-08-12 15:02:25 UTC
Log message for revision 89734:
added
Changed:
A Zope/hotfixes/Hotfix_20080812/tests/
-=-
___
Zope-Checkins maillist - Zope-Checkins@zope.org
http://mail.zope.org/mailman/listinfo/zope-checkins
Log message for revision 89735:
added
Changed:
A Zope/hotfixes/Hotfix_20080812/tests/__init__.py
-=-
Added: Zope/hotfixes/Hotfix_20080812/tests/__init__.py
===
--- Zope/hotfixes/Hotfix_20080812/tests/__init__.py
Log message for revision 89736:
added
Changed:
A Zope/hotfixes/Hotfix_20080812/tests/testPythonScript.py
-=-
Added: Zope/hotfixes/Hotfix_20080812/tests/testPythonScript.py
===
---
Log message for revision 89737:
cleanup
Changed:
U Zope/hotfixes/Hotfix_20080812/__init__.py
-=-
Modified: Zope/hotfixes/Hotfix_20080812/__init__.py
===
--- Zope/hotfixes/Hotfix_20080812/__init__.py 2008-08-12 15:09:12
Log message for revision 89743:
Make text of raised ValueError a correct sentence:
SystemExit can not raised with a PythonScript =
SystemExit can not be raised within a PythonScript
Changed:
U Zope/hotfixes/Hotfix_20080812/trunk/__init__.py
-=-
Modified:
Log message for revision 89745:
Since we are changing strings anyway... 'can not' - 'cannot'.
Changed:
U Zope/hotfixes/Hotfix_20080812/trunk/__init__.py
-=-
Modified: Zope/hotfixes/Hotfix_20080812/trunk/__init__.py
===
---
Log message for revision 89746:
re-added original (C) notice for 'encodings'
monkey-patch
Changed:
U Zope/trunk/lib/python/Products/PythonScripts/__init__.py
-=-
Modified: Zope/trunk/lib/python/Products/PythonScripts/__init__.py
Log message for revision 89747:
wording
Changed:
U Zope/trunk/lib/python/Products/PythonScripts/PythonScript.py
-=-
Modified: Zope/trunk/lib/python/Products/PythonScripts/PythonScript.py
===
---
Log message for revision 89749:
updated
Changed:
U Zope/hotfixes/Hotfix_20080812/trunk/version.txt
-=-
Modified: Zope/hotfixes/Hotfix_20080812/trunk/version.txt
===
--- Zope/hotfixes/Hotfix_20080812/trunk/version.txt
Log message for revision 89750:
'creating tag svn+ssh://[EMAIL
PROTECTED]/repos/main/Zope/hotfixes/Hotfix_20080812/tags/0.2 from
svn+ssh://[EMAIL PROTECTED]/repos/main/Zope/hotfixes/Hotfix_20080812/trunk'
Changed:
A Zope/hotfixes/Hotfix_20080812/tags/0.2/
-=-
Copied:
Log message for revision 89760:
Merge Maurits's r89745 as well: Proper English spelling of cannot.
Changed:
U Zope/trunk/lib/python/Products/PythonScripts/PythonScript.py
-=-
Modified: Zope/trunk/lib/python/Products/PythonScripts/PythonScript.py
Summary of messages to the zope-tests list.
Period Mon Aug 11 11:00:00 2008 UTC to Tue Aug 12 11:00:00 2008 UTC.
There were 5 messages: 5 from Zope Tests.
Tests passed OK
---
Subject: OK : Zope-2.8 Python-2.3.6 : Linux
From: Zope Tests
Date: Mon Aug 11 20:51:48 EDT 2008
URL:
zope.app.form items edit widgets don't provide the no value value if
the corresponding field is required. While this prevents invalid input, it
means that e.g. a drop-down box may then have one of the valid values
pre-selected. If user forgets to change that value, he could save the form
without
Thomas Lotze wrote:
zope.app.form items edit widgets don't provide the no value value if
the corresponding field is required. While this prevents invalid input, it
means that e.g. a drop-down box may then have one of the valid values
pre-selected. If user forgets to change that value, he could
Hi Thomas
Betreff: [Zope-dev] zope.app.form: Make no value always available?
zope.app.form items edit widgets don't provide the no value
value if the corresponding field is required. While this
prevents invalid input, it means that e.g. a drop-down box
may then have one of the valid
Roger Ineichen wrote:
I agree with this but...
The 2750 test in one of our well tested application will explode. And
probably some tests in the zope core and z3c will break too.
Since this is a miss behavior and I agree that this should get fixed. We
probably should think about a solution
Hi Thomas
Betreff: Re: [Zope-dev] zope.app.form: Make no value always
available?
[...]
If nobody else objects I'm fine with this changes and will
fix a Zope3
revision for this project and start to migrate to z3c.form.
We have to
do that anyway sometimes.
I don't understand
Hi All,
I could have sworn I reported this before but couldn't find anything in
the archives so apologies if I have posted this before...
Anyway, running zope.testrunner's trunk's tests on windows seems to have
some problems. These don't occur when running them on Linux.
cheers,
Chris
The
Hello,
after Chris Withers lightning talk at EPC 2008 I had a closer look
at the implementation of Python Scripts in Zope 2.11.
While I have not yet been able to break out of the restricted
environment without help from installed products, there are a few
denial-of-service attacks which can
*sigh*
I wished that both exploits were reported to the Zope bugtracker in order
to work on solutions before making the exploits public.
--On 12. August 2008 13:41:04 +0200 M.-A. Lemburg [EMAIL PROTECTED] wrote:
Hello,
1. Attack:
Put this into a Script (Python) object and run it:
Yeah, Mustaha!
Sometimes I think I'm a little stupid, jejejeje, I have in front of my nose
but I don't see it
I was solved the problem adding a y: type expression and then subclass the
PythonExpr with the __init__ method modified to change the expression
Too much difficult to do the job in an
The same question again and again
As a Zope user I prefer to know as soon as possible if Zope has security
problems like those
Perhaps the correct way will be to send the problem to the zope people and 2
weeks later then make it public
I think 2 weeks is a very correct period to solve a problem
--On 12. August 2008 14:16:44 +0200 Andreas Jung [EMAIL PROTECTED] wrote:
*sigh*
I wished that both exploits were reported to the Zope bugtracker in order
to work on solutions before making the exploits public.
--On 12. August 2008 13:41:04 +0200 M.-A. Lemburg [EMAIL PROTECTED]
wrote:
--On 12. August 2008 16:05:47 +0200 Andreas Jung [EMAIL PROTECTED] wrote:
--On 12. August 2008 14:16:44 +0200 Andreas Jung [EMAIL PROTECTED] wrote:
*sigh*
I wished that both exploits were reported to the Zope bugtracker in order
to work on solutions before making the exploits public.
--On 12. August 2008 17:19:54 +0200 Andreas Jung [EMAIL PROTECTED] wrote:
I created a preliminary hotfix
http://www.zope.org/advisories/Hotfix_20080812_0.1.tar.gz/view
After rough test: it seems to work for Zope trunk, 2.10 and 2.11
but has a failure for Zope 2.8.
I forgot to mention
--On 12. August 2008 17:31:06 +0200 Andreas Jung [EMAIL PROTECTED] wrote:
--On 12. August 2008 17:19:54 +0200 Andreas Jung [EMAIL PROTECTED] wrote:
I created a preliminary hotfix
http://www.zope.org/advisories/Hotfix_20080812_0.1.tar.gz/view
After rough test: it seems to work for Zope
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Garito wrote:
The same question again and again
As a Zope user I prefer to know as soon as possible if Zope has security
problems like those
Perhaps the correct way will be to send the problem to the zope people and 2
weeks later then make it
Andreas Jung, on 2008-08-12:
After rough test: it seems to work for Zope trunk, 2.10 and 2.11
but has a failure for Zope 2.8.
I forgot to mention that the hotfix also seems to work for Zope 2.9.
(third-party confirmations are highly appreciated).
Update: the hotfix although works for Zope
Maurits van Rees, on 2008-08-12:
That's with: http://www.zope.org/advisories/Hotfix_20080812_0.1.tar.gz
Oh, that tarball contains a .svn directory...
I took the liberty of committing a change to the text of the raised
ValueError to make it a proper sentence. Old:
SystemExit can not raised
On 2008-08-12 18:04, Tres Seaver wrote:
Garito wrote:
The same question again and again
As a Zope user I prefer to know as soon as possible if Zope has security
problems like those
Perhaps the correct way will be to send the problem to the zope people and 2
weeks later then make it
--On 12. August 2008 19:38:16 +0200 M.-A. Lemburg [EMAIL PROTECTED] wrote:
On 2008-08-12 18:04, Tres Seaver wrote:
Garito wrote:
The same question again and again
As a Zope user I prefer to know as soon as possible if Zope has security
problems like those
Perhaps the correct way will
+---[ Andreas Jung ]--
|
| My conclusion after almost 9 years with Zope: PythonScripts and trusted
| code was a good and nice feature in the early days of Zope. The future
| is clearly trusted code in all its flavors. RestrictedPython,
| through-the-web editing (ZMI) and
Hi Chris, When I try to change a Squishdot rightbox_items title or even not
change anything and try to save it out I get this error thrown:
Site Error
An error was encountered while publishing this resource.
NameError
Sorry, a site error occurred.
Traceback (innermost last):
* Module
--On 12. August 2008 17:14:15 + Maurits van Rees
[EMAIL PROTECTED] wrote:
Andreas Jung, on 2008-08-12:
After rough test: it seems to work for Zope trunk, 2.10 and 2.11
but has a failure for Zope 2.8.
I forgot to mention that the hotfix also seems to work for Zope 2.9.
(third-party
On 2008-08-12 20:49, Andreas Jung wrote:
--On 12. August 2008 17:14:15 + Maurits van Rees
[EMAIL PROTECTED] wrote:
Andreas Jung, on 2008-08-12:
After rough test: it seems to work for Zope trunk, 2.10 and 2.11
but has a failure for Zope 2.8.
I forgot to mention that the hotfix also
Hi there
We have a server running many ZEO clusters (many more than the number of
CPUs, of course). Each cluster consists of a master and two clients.
Would it make sense to run both clients and spread requests across them?
Or would it be better to just increase the number of threads of a
42 matches
Mail list logo