On Fri, 23 Jan 2004 12:17:38 +0100 Dario Lopez-Kästen <[EMAIL PROTECTED]> wrote:
> Chris Withers wrote: > > > Hi, > > > > Can anyone shed light on all of these? I know about some of them, > > but this is quite a disturbingly long list... > > What is the current status of these issues? I am running a rather > larges site with sensitive personal data. They are fixed in the latest releases of Zope 2.6 and 2.7 > The decision to use Python/Zope instead of Java/uPortal is very much > debated by people whith power, and I am trying to protect the > investment made in Zope. The security vulnerabilities were not publically announced until new versions of Zope were available that fixed them. > I know, you get what you pay for etc, but I am struggling to keep Zope > > instead of having to migrate to Java, and it is hard enouigh as it > is. All this is politics, perception and logistics and has nothing to > do with technical advantage. Actually with Zope, I think you get a lot more than you pay for ;^) > Unfortunately I cannot help very much in resolving these issues since > I am not knowledgeable enough to be able to help, but I would like to > follow the status of these issues, under NDA if need be. The issues are already resolved. The only question is whether you can do a timely upgrade to a fixed version. > It is also a matter of taking steps to protect personal data. Download a new version of Zope and test it out with a copy of your application. Let us know if anything breaks. -Casey _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )