there were several security-related fixes in the collector (and the
collector-mailing-list) in the last days. Normaly security-related stuff is
not visible for the public... and this seems to be good to avoid exploits

Lots of security-stuff is fixed now, but I don't think that all people will
migrate their servers as soon as possible (due to limited time, the
experience of the Zope-2.6.3-"desaster", vacations, etc.pp.). 

With all the mentioned security-exploits in the collector out there, the
probability of attacks will rise. And I don't think that this will shed a
"good light" on Zope.

My proposal: Can we have a delay for making security-related fixes public?
Just a month or two or so...

Cheers, Maik

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to