[Zope-Checkins] CVS: Zope/doc - CHANGES.txt:1.535.2.171
Brian Lloyd
brian at zope.com
Wed Jan 21 15:10:58 EST 2004
Update of /cvs-repository/Zope/doc
In directory cvs.zope.org:/tmp/cvs-serv2708/doc
Modified Files:
Tag: Zope-2_6-branch
CHANGES.txt
Log Message:
updated
=== Zope/doc/CHANGES.txt 1.535.2.170 => 1.535.2.171 ===
--- Zope/doc/CHANGES.txt:1.535.2.170 Mon Jan 19 13:54:09 2004
+++ Zope/doc/CHANGES.txt Wed Jan 21 15:10:54 2004
@@ -4,6 +4,23 @@
Change information for previous versions of Zope can be found in the
file HISTORY.txt.
+ Zope 2.6.4 rc 2
+
+ Bugs Fixed
+
+ - One of the 2.6.3 fixes added a previously missing security check
+ when binding 'context' and 'container' to Python Scripts. Because
+ many existing scripts appear in containers that users cannot access,
+ this caused a lot of unauthorized errors in existing (mostly CMF)
+ sites, since 'container' is bound by default. The fix has been
+ adjusted so that an unauthorized is only raised if the bound name
+ is actually used in a script, making backward compatibility much
+ better.
+
+ - Collector #1154 / # 615: interaction with sessions could cause
+ the security context to be discarded, potentially breaking scripts
+ that depend on proxy roles.
+
Zope 2.6.4 rc 1
More information about the Zope-Checkins
mailing list