Am 24.10.2006 um 15:11 schrieb Jens Vagelpohl:

Hash: SHA1

Tres, I am afraid you seem to be the only one able to verify this. IIRC the security fix is yours as - of course - is CMF. ;-)

The CMF is not tied to one person. No one has "responsibility for all eternity" to fix it, even for no-longer-maintained versions.

Someone has to take decisions every now and then.

I am ready to remove irrelevant combinations, but in this case I have been reluctant up to now because of the possible security implications.

CMF 1.4 is unmaintained. This has been known for a long time. Plone, as the largest "customer", prescribes specific Zope and CMF versions, which obviously have been tested ad infinitum. I don't see the value for continuing to automatically test combinations that are not used.

Agreed, deprecate it and maybe consider introducing a process for deprecation (as well as an easy way to check the version... wink)

Charlie Clark
Helmholtzstr. 20
D- 40215
Tel: +49-211-938-5360
GSM: +49-178-782-6226

Zope-CMF maillist  -

See for bug reports and feature requests

Reply via email to