[Zope-Checkins] SVN: Zope/branches/2.12/ Fix serious authentication vulnerability in stock configuration.

Tres Seaver tseaver at palladion.com
Mon Oct 24 22:23:10 UTC 2011


Log message for revision 123150:
  Fix serious authentication vulnerability in stock configuration.
  

Changed:
  U   Zope/branches/2.12/doc/CHANGES.rst
  U   Zope/branches/2.12/src/AccessControl/User.py

-=-
Modified: Zope/branches/2.12/doc/CHANGES.rst
===================================================================
--- Zope/branches/2.12/doc/CHANGES.rst	2011-10-24 21:47:09 UTC (rev 123149)
+++ Zope/branches/2.12/doc/CHANGES.rst	2011-10-24 22:23:09 UTC (rev 123150)
@@ -8,6 +8,7 @@
 2.12.21 (unreleased)
 --------------------
 
+- Fixed serious authentication vulnerability in stock configuration.
 
 2.12.20 (2011-10-04)
 --------------------

Modified: Zope/branches/2.12/src/AccessControl/User.py
===================================================================
--- Zope/branches/2.12/src/AccessControl/User.py	2011-10-24 21:47:09 UTC (rev 123149)
+++ Zope/branches/2.12/src/AccessControl/User.py	2011-10-24 22:23:09 UTC (rev 123150)
@@ -1027,7 +1027,9 @@
         """ returns true if domain auth mode is set to true"""
         return getattr(self, '_domain_auth_mode', None)
 
+InitializeClass(BasicUserFolder)
 
+
 class UserFolder(BasicUserFolder):
 
     """Standard UserFolder object



More information about the Zope-Checkins mailing list