Jim Fulton wrote:
On Jul 18, 2006, at 2:55 PM, David Pratt wrote:
Hi Jim. I was noticing a 0.4.0-zope in distutils
I don't know what you mean by this.
that looks patched with NotImplementedErrors for the offending code
in docutils.parsers.rst.directives.misc. Can you when this will land
in the Zope3 trunk?
Yes, I mean docutils, sorry.
If you mean patching the docutils, then as far as I'm concerned, it will
never land in the Zope 3 trunk.
The right solution to this problem is to write applications that use
docutils correctly, not to patch docutils.
You are probably right but just the same I'd rather see the patched
version for z3 also since I am certain this will become less obvious
over time if it is left the way it is.
Alternatively, perhaps a text file for these security issues could be
included in the distribution so it is not forgotten with any
recommendations for a programmer to avoid known security issues.
Zope3-users mailing list