> If installed on 2.1.6, the product shows up as broken, since it
> tries to run
> "from OFS.ObjectManager import aq_base", which fails, since aq_base wasn't
> available in ObjectManager before 2.2.1 (!).
> Therefore I guess the Hotfix won't work for any versions prior to 2.2.1.
> According to the README, those versions are still vulnerable.
> Could somebody give me a hint if and how it's possible to backport the
> Hotfix to Zope 2.1.6 ?
You could add this to the hotfix module:
return getattr(object, 'aq_base', object)
...and use that instead of importing it.
Brian Lloyd [EMAIL PROTECTED]
Software Engineer 540.371.6909
Digital Creations http://www.digicool.com
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -