This hotfix product fixes a security bug in Page Templates.  This fix
ensures that values substituted in named slots in translated elements
are properly encoded.  If encoding is not desired and the source of
the replacement text is trusted, the "structure" modifier can be used
with the tal:content or tal:replace attribute to explicitly disable

Affected Versions

  This fix applies to Zope 2.7.0 and 2.7.1.  Zope versions 2.7.2 and
  newer already contain this fix, and do not require this hotfix.

Getting the Hotfix

  You can download the hotfix at:

  The product contains a README.txt file with installation


Fred L. Drake, Jr.  <fred at>
Zope Corporation

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to