there were several security-related fixes in the collector (and the
collector-mailing-list) in the last days. Normaly security-related stuff is
not visible for the public... and this seems to be good to avoid exploits
Lots of security-stuff is fixed now, but I don't think that all people will
migrate their servers as soon as possible (due to limited time, the
experience of the Zope-2.6.3-"desaster", vacations, etc.pp.).
With all the mentioned security-exploits in the collector out there, the
probability of attacks will rise. And I don't think that this will shed a
"good light" on Zope.
My proposal: Can we have a delay for making security-related fixes public?
Just a month or two or so...
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -