[Zope-dev] zope-tests - OK: 21
This is the summary for test reports received on the zope-tests list between 2012-11-12 00:00:00 UTC and 2012-11-13 00:00:00 UTC: See the footnotes for test reports of unsuccessful builds. An up-to date view of the builders is also available in our buildbot documentation: http://docs.zope.org/zopetoolkit/process/buildbots.html#the-nightly-builds Reports received Successful - zopetoolkit_trunk - Build # 75 Successful - zopetoolkit_trunk_app - Build # 59 Zope-2.10 Python-2.4.6 : Linux Zope-2.11 Python-2.4.6 : Linux Zope-2.12 Python-2.6.8 : Linux Zope-2.13 Python-2.6.8 : Linux Zope-2.13 Python-2.7.3 : Linux Zope-trunk Python-2.6.8 : Linux Zope-trunk Python-2.7.3 : Linux winbot / ZODB_dev py_265_win32 winbot / ZODB_dev py_265_win64 winbot / ZODB_dev py_270_win32 winbot / ZODB_dev py_270_win64 winbot / ztk_10 py_254_win32 winbot / ztk_10 py_265_win32 winbot / ztk_10 py_265_win64 winbot / ztk_11 py_254_win32 winbot / ztk_11 py_265_win32 winbot / ztk_11 py_265_win64 winbot / ztk_11 py_270_win32 winbot / ztk_11 py_270_win64 Non-OK results -- ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
[Zope] path of a fileupload instance
Hiya I have a form with a field for a FileUpload object, which works ok. However, in my application I want to capture the path of that file, because I want to open still other files that I know by name from that very same directory. Any idea how to do that? The REQUEST simple contains the FileUpload instance. ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Zope and security vulnerability: 20121106
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 from the security announcement page: https://plone.org/products/plone/security/advisories/20121106-announcement This patch is compatible with all supported Plone versions (i.e. Plone 3 and Plone 4), it may work on earlier versions of Plone, but as these are unsupported they have had less testing done. so probably zope versions from 2.10.11 onwards are supported. see: http://dist.plone.org/release/3-latest/versions.cfg other versions UNSUPPORTED. if you really need to know which versions exactly are affected, you HAVE to find out yourself. either by trying it out in a test environment or by analyzing the whole commit history of affected modules in zope. people reported successful patching of Plone2.1 and i patched a Zope 2.8 instance too. but this is informal, not an official statement. On 11/13/2012 12:49 AM, Marcus Schopen wrote: Am Montag, den 12.11.2012, 11:13 -0700 schrieb Sean Upton: On Mon, Nov 12, 2012 at 5:31 AM, Marcus Schopen li...@localguru.de wrote: Am Montag, den 12.11.2012, 12:07 + schrieb Richard Harley: So, to clarify, does this affect plain Zope 2.10, no Plone? That's still the question to me ;) Why not try product installation and running your instance in the foreground. If anything breaks, comment out any specific inapplicable hotfix in __init__.py. A brief look at the source will tell you that it is unlikely you should need to do this, as conditional imports check what to apply. Yes, we all can go the long way of try and error and code inspection ... without knowing anything for sure in the end. Ciao! ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) - -- programmatic web development di(fh) johannes raggam / thet python plone zope development mail: off...@programmatic.pro web: http://programmatic.pro http://bluedynamics.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCiDWIACgkQW4mNMQxDgAc/sQCfShPVev83pbsd4KVk/RrVGsxJ GAQAoN5wbj//fgCUXPR8lsI0cBBj06SR =Tk6+ -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Zope and security vulnerability: 20121106
Am 13.11.2012 10:05, schrieb johannes raggam: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 from the security announcement page: https://plone.org/products/plone/security/advisories/20121106-announcement This patch is compatible with all supported Plone versions (i.e. Plone 3 and Plone 4), it may work on earlier versions of Plone, but as these are unsupported they have had less testing done. so probably zope versions from 2.10.11 onwards are supported. see: http://dist.plone.org/release/3-latest/versions.cfg other versions UNSUPPORTED. if you really need to know which versions exactly are affected, you HAVE to find out yourself. either by trying it out in a test environment or by analyzing the whole commit history of affected modules in zope. people reported successful patching of Plone2.1 and i patched a Zope 2.8 instance too. but this is informal, not an official statement. Hi! I successfully applied these hotfixes to Zope 2.13 versions without any problems. What puzzles me though is why was there no announcement for theses fixes here on zope ml? Or are these fixes not critical for pure Zope2 users? Or are these all fixed in the latest version of Zope2? kind regards, Jürgen On 11/13/2012 12:49 AM, Marcus Schopen wrote: Am Montag, den 12.11.2012, 11:13 -0700 schrieb Sean Upton: On Mon, Nov 12, 2012 at 5:31 AM, Marcus Schopen li...@localguru.de wrote: Am Montag, den 12.11.2012, 12:07 + schrieb Richard Harley: So, to clarify, does this affect plain Zope 2.10, no Plone? That's still the question to me ;) Why not try product installation and running your instance in the foreground. If anything breaks, comment out any specific inapplicable hotfix in __init__.py. A brief look at the source will tell you that it is unlikely you should need to do this, as conditional imports check what to apply. Yes, we all can go the long way of try and error and code inspection ... without knowing anything for sure in the end. Ciao! ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) - -- programmatic web development di(fh) johannes raggam / thet python plone zope development mail: off...@programmatic.pro web: http://programmatic.pro http://bluedynamics.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCiDWIACgkQW4mNMQxDgAc/sQCfShPVev83pbsd4KVk/RrVGsxJ GAQAoN5wbj//fgCUXPR8lsI0cBBj06SR =Tk6+ -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) -- XLhost.de ® - Webhosting von supersmall bis eXtra Large XLhost.de GmbH Jürgen Herrmann, Geschäftsführer Boelckestrasse 21, 93051 Regensburg, Germany Geschäftsführer: Jürgen Herrmann Registriert unter: HRB9918 Umsatzsteuer-Identifikationsnummer: DE245931218 Fon: +49 (0)800 XLHOSTDE [0800 95467833] Fax: +49 (0)800 95467830 Web: http://www.XLhost.de ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Zope and security vulnerability: 20121106
On Nov 13, 2012, at 10:16 , Jürgen Herrmann juergen.herrm...@xlhost.de wrote: I successfully applied these hotfixes to Zope 2.13 versions without any problems. What puzzles me though is why was there no announcement for theses fixes here on zope ml? Or are these fixes not critical for pure Zope2 users? Or are these all fixed in the latest version of Zope2? There was no announcement here because those patches were prepared by Plone developers without our knowledge and announced without our knowledge. The Zope developers know as much about these patches (meaning little to nothing) as any other Zope user. jens smime.p7s Description: S/MIME cryptographic signature ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Zope and security vulnerability: 20121106
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 it was overseen. quoting David Glick on [Zope-CMF] from 9-11-2012: We should have informed you earlier. There are a lot of tasks associated with preparing a hotfix (and this one in particular covered many vulnerabilities), and it got missed. I apologize. In the future, what's the best place to report possible CMF security issues? zope-cmf Launchpad? On 11/13/2012 10:30 AM, Jens Vagelpohl wrote: On Nov 13, 2012, at 10:16 , Jürgen Herrmann juergen.herrm...@xlhost.de wrote: I successfully applied these hotfixes to Zope 2.13 versions without any problems. What puzzles me though is why was there no announcement for theses fixes here on zope ml? Or are these fixes not critical for pure Zope2 users? Or are these all fixed in the latest version of Zope2? There was no announcement here because those patches were prepared by Plone developers without our knowledge and announced without our knowledge. The Zope developers know as much about these patches (meaning little to nothing) as any other Zope user. jens ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) - -- programmatic web development di(fh) johannes raggam / thet python plone zope development mail: off...@programmatic.pro web: http://programmatic.pro http://bluedynamics.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlCiITIACgkQW4mNMQxDgAcF9wCfcPZIoMnXwVR62lEjZhoqOi6W 1ugAnRSO9u05s/s3jTz/hiwbUflgVT2L =q6NB -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] path of a fileupload instance
Correct, but the filename attribute contains just the filename, not the path of the directory where it was uploaded from… cb On Nov 13, 2012, at 11:04 AM, Andreas Jung wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 REQUEST.yourfile.filename. The FileUpload instance has a 'filename' attributes. - -aj Kees de Brabander wrote: Hiya I have a form with a field for a FileUpload object, which works ok. However, in my application I want to capture the path of that file, because I want to open still other files that I know by name from that very same directory. Any idea how to do that? The REQUEST simple contains the FileUpload instance. ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) - -- ZOPYX Limited | Python | Zope | Plone | MongoDB Hundskapfklinge 33| Consulting Development D-72074 Tübingen | Electronic Publishing Solutions www.zopyx.com | Scalable Web Solutions - -- Produce Publish - www.produce-and-publish.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQGUBAEBAgAGBQJQohsbAAoJEADcfz7u4AZjiH0Lv1x/09r2C6AakDK3H49l9jh5 8XvCLHBqbwKep4Ue+f8kKj3BdyDRZsg7ZkaISajndKPO2kyo1eNtBVD7v7XIhCGS oTKCLv7BqE5M7Or9YTkhAJR9C4yE+5EWRk7bchkh3f3w4wlFgf/cXaATnD8qm6uL CjmzwA3bapX39yyufaIqrifToyzvYu/BgF1g0uEf8NkxwbXP54T0b3hWaDXQZoQ2 XdWpTKQveV4G9HH5d5koAwD8gDYLIfrTh1T32ESLtrY26qct4fYvC4UU/AgRdbV1 TWhFNDSmYVXirHsK4odxS2tjCs0yqNAkzPsDMo82d5ZtSw0k7bqspFZrAf0vcZXA 6joAfyTVX5QI/RliExze4XOF6w+n/g+InV/2ErZtcN0pwk5Y2YcZTrrG8p2v3UxD JUpDXsDHzP5A4iQ19VI2eiwdvOXpkFMKkKxcKid7hLuccIUyc2SpygsRnhPXDbpp kuo+RIrcYzDs63gJD/jlaWN/BhRROu4= =XQX4 -END PGP SIGNATURE- lists.vcf ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] path of a fileupload instance
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is subject to browser. All browser - except IE (afaik) - only submit the filename without directory information. - -aj Kees de Brabander wrote: Correct, but the filename attribute contains just the filename, not the path of the directory where it was uploaded from? cb On Nov 13, 2012, at 11:04 AM, Andreas Jung wrote: REQUEST.yourfile.filename. The FileUpload instance has a 'filename' attributes. -aj Kees de Brabander wrote: Hiya I have a form with a field for a FileUpload object, which works ok. However, in my application I want to capture the path of that file, because I want to open still other files that I know by name from that very same directory. Any idea how to do that? The REQUEST simple contains the FileUpload instance. ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) lists.vcf - -- ZOPYX Limited | Python | Zope | Plone | MongoDB Hundskapfklinge 33| Consulting Development D-72074 Tübingen | Electronic Publishing Solutions www.zopyx.com | Scalable Web Solutions - -- Produce Publish - www.produce-and-publish.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQGUBAEBAgAGBQJQon9AAAoJEADcfz7u4AZjSwsLv0Q6WXixh/gYddZObYa1O3F4 EmhCoFjfAwgFtT8WkWpTkP4l0myjOUqPdOhJvvBxPIAtqTDPu6V6YEXM5nK1loE4 Shjz3feKRsxP784arefzD1CpRiN/YQhMSn+ZYMyy/IpHV1Ypy7vsF1HJSaCY8sqm yaItArafhVrCrrSwGxOCaUNG83w6m0X0MlEg/phCmW3Lkz4lvwcgehEuiqHGYnrE TwpAiBnS4ucjdgR+Zkf9sSmxKkjUiBuYenHgsHZiXwDxYaXQra1NHeCrQha1DASx EliQuhN9Qz/A+4ZiAHj9yMwrVDEeK4oCwAxBuSsIxhO48Bj9mjXm33iSkyi0L7o7 1I0DQqCKl/1Rh6gFUmBtztzAvcz/vtB5tfjZ71u9zdQARd9zX2YKkdRQnA/l+tIG WgwbsR/Ium2xyDp9Piqfw0rGlZzLZrp3ekbAHVwdAHR7hqGUh6nXotbJVgCOjTDz PorJJ9CA/DZ+SWHQcQXyC8wtImS6zAI= =aN3X -END PGP SIGNATURE- attachment: lists.vcf___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] path of a fileupload instance
I was using IE and filename is just the file name, no directory information. So I will have to take another approach. Does a FileUpload instance have any other attributes than filename and header? On Nov 13, 2012, at 6:11 PM, Andreas Jung wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is subject to browser. All browser - except IE (afaik) - only submit the filename without directory information. - -aj Kees de Brabander wrote: Correct, but the filename attribute contains just the filename, not the path of the directory where it was uploaded from? cb On Nov 13, 2012, at 11:04 AM, Andreas Jung wrote: REQUEST.yourfile.filename. The FileUpload instance has a 'filename' attributes. -aj Kees de Brabander wrote: Hiya I have a form with a field for a FileUpload object, which works ok. However, in my application I want to capture the path of that file, because I want to open still other files that I know by name from that very same directory. Any idea how to do that? The REQUEST simple contains the FileUpload instance. ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) lists.vcf - -- ZOPYX Limited | Python | Zope | Plone | MongoDB Hundskapfklinge 33| Consulting Development D-72074 Tübingen | Electronic Publishing Solutions www.zopyx.com | Scalable Web Solutions - -- Produce Publish - www.produce-and-publish.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQGUBAEBAgAGBQJQon9AAAoJEADcfz7u4AZjSwsLv0Q6WXixh/gYddZObYa1O3F4 EmhCoFjfAwgFtT8WkWpTkP4l0myjOUqPdOhJvvBxPIAtqTDPu6V6YEXM5nK1loE4 Shjz3feKRsxP784arefzD1CpRiN/YQhMSn+ZYMyy/IpHV1Ypy7vsF1HJSaCY8sqm yaItArafhVrCrrSwGxOCaUNG83w6m0X0MlEg/phCmW3Lkz4lvwcgehEuiqHGYnrE TwpAiBnS4ucjdgR+Zkf9sSmxKkjUiBuYenHgsHZiXwDxYaXQra1NHeCrQha1DASx EliQuhN9Qz/A+4ZiAHj9yMwrVDEeK4oCwAxBuSsIxhO48Bj9mjXm33iSkyi0L7o7 1I0DQqCKl/1Rh6gFUmBtztzAvcz/vtB5tfjZ71u9zdQARd9zX2YKkdRQnA/l+tIG WgwbsR/Ium2xyDp9Piqfw0rGlZzLZrp3ekbAHVwdAHR7hqGUh6nXotbJVgCOjTDz PorJJ9CA/DZ+SWHQcQXyC8wtImS6zAI= =aN3X -END PGP SIGNATURE- lists.vcf ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
[Zope-CMF] cmf-tests - OK: 8
This is the summary for test reports received on the cmf-tests list between 2012-11-12 00:00:00 UTC and 2012-11-13 00:00:00 UTC: See the footnotes for test reports of unsuccessful builds. An up-to date view of the builders is also available in our buildbot documentation: http://docs.zope.org/zopetoolkit/process/buildbots.html#the-nightly-builds Reports received CMF-2.2 Zope-2.12 Python-2.6.8 : Linux CMF-2.2 Zope-2.13 Python-2.6.8 : Linux CMF-2.3 Zope-2.13 Python-2.6.8 : Linux CMF-2.3 Zope-trunk Python-2.6.8 : Linux CMF-trunk Zope-2.13 Python-2.6.8 : Linux CMF-trunk Zope-2.13 Python-2.7.3 : Linux CMF-trunk Zope-trunk Python-2.6.8 : Linux CMF-trunk Zope-trunk Python-2.7.3 : Linux Non-OK results -- ___ Zope-CMF maillist - Zope-CMF@zope.org https://mail.zope.org/mailman/listinfo/zope-cmf See https://bugs.launchpad.net/zope-cmf/ for bug reports and feature requests