r2636 - in zope2.12/trunk/debian (3 files)
mejo at users.alioth.debian.org
mejo at users.alioth.debian.org
Thu Jan 19 00:29:02 UTC 2012
Date: Thursday, January 19, 2012 @ 00:29:00
Author: mejo
Revision: 2636
update for new upstream
Modified:
zope2.12/trunk/debian/changelog
zope2.12/trunk/debian/patches/series
Deleted:
zope2.12/trunk/debian/patches/Zope2-fix_serious_authentication_vulnerability.patch
Modified: zope2.12/trunk/debian/changelog
===================================================================
--- zope2.12/trunk/debian/changelog 2011-12-16 05:24:46 UTC (rev 2635)
+++ zope2.12/trunk/debian/changelog 2012-01-19 00:29:00 UTC (rev 2636)
@@ -1,3 +1,12 @@
+zope2.12 (2.12.22-1) unstable; urgency=low
+
+ * New upstream release (2.12.22)
+ - Fixes cross-site-scripting attack (CVE-2010-1104).
+ - Remove patch Zope2-fix_serious_authentication_vulnerability.patch,
+ now incorporated upstream.
+
+ -- Jonas Meurer <mejo at debian.org> Thu, 19 Jan 2012 01:28:13 +0100
+
zope2.12 (2.12.20-3) unstable; urgency=low
* Remove ClientForm from DEB_SATISFIED as it's going to be dropped soonish.
Deleted: zope2.12/trunk/debian/patches/Zope2-fix_serious_authentication_vulnerability.patch
===================================================================
--- zope2.12/trunk/debian/patches/Zope2-fix_serious_authentication_vulnerability.patch 2011-12-16 05:24:46 UTC (rev 2635)
+++ zope2.12/trunk/debian/patches/Zope2-fix_serious_authentication_vulnerability.patch 2012-01-19 00:29:00 UTC (rev 2636)
@@ -1,55 +0,0 @@
-Description: Fix serious authentication vulnerability in stock configuration.
-Author: Zope Foundation and Contributors <zope-dev at zope.org>
-Last-Update: 2011-10-24
-
---- a/source/Zope2/src/AccessControl/User.py
-+++ b/source/Zope2/src/AccessControl/User.py
-@@ -1027,6 +1027,8 @@
- """ returns true if domain auth mode is set to true"""
- return getattr(self, '_domain_auth_mode', None)
-
-+InitializeClass(BasicUserFolder)
-+
-
- class UserFolder(BasicUserFolder):
-
---- a/source/Zope2/src/AccessControl/tests/testUser.py
-+++ b/source/Zope2/src/AccessControl/tests/testUser.py
-@@ -227,7 +227,15 @@
- # TODO class Test_readUserAccessFile(unittest.TestCase)
-
-
--# TODO class BasicUserFoldertests(unittest.TestCase)
-+class BasicUserFolderTests(unittest.TestCase):
-+
-+ def _getTargetClass(self):
-+ from AccessControl.User import BasicUserFolder
-+ return BasicUserFolder
-+
-+ def test_manage_users_security_initialized(self):
-+ uf = self._getTargetClass()()
-+ self.assertTrue(hasattr(uf, 'manage_users__roles__'))
-
-
- class UserFolderTests(unittest.TestCase):
-@@ -494,11 +502,12 @@
-
-
- def test_suite():
-- suite = unittest.TestSuite()
-- suite.addTest(unittest.makeSuite(BasicUserTests))
-- suite.addTest(unittest.makeSuite(SimpleUserTests))
-- suite.addTest(unittest.makeSuite(SpecialUserTests))
-- suite.addTest(unittest.makeSuite(UnrestrictedUserTests))
-- suite.addTest(unittest.makeSuite(NullUnrestrictedUserTests))
-- suite.addTest(unittest.makeSuite(UserFolderTests))
-- return suite
-+ return unittest.TestSuite((
-+ unittest.makeSuite(BasicUserTests),
-+ unittest.makeSuite(SimpleUserTests),
-+ unittest.makeSuite(SpecialUserTests),
-+ unittest.makeSuite(UnrestrictedUserTests),
-+ unittest.makeSuite(NullUnrestrictedUserTests),
-+ unittest.makeSuite(BasicUserFolderTests),
-+ unittest.makeSuite(UserFolderTests),
-+ ))
Modified: zope2.12/trunk/debian/patches/series
===================================================================
--- zope2.12/trunk/debian/patches/series 2011-12-16 05:24:46 UTC (rev 2635)
+++ zope2.12/trunk/debian/patches/series 2012-01-19 00:29:00 UTC (rev 2636)
@@ -3,4 +3,3 @@
Zope2-webdav_urljoin.patch
Zope2-deb_zopeconf.patch
ZODB3-fix_shebang.patch
-Zope2-fix_serious_authentication_vulnerability.patch
More information about the pkg-zope-developers
mailing list