You are not logged in Log in Join
You are here: Home » Download Zope Products » Zope » Zope » Zope 2.1.4 released
Log in
Name

Password

 
Link icon Forgot your password?
Print

Zope 2.1.4 released

Zope 2.1.4 has been released. This update prevents the REQUEST object from being traversable by web clients. While this feature was useful for debugging, Evan Simpson noted a potential security issue that could allow web authors to play client scripting tricks and make them appear (to the user) to be coming from a Zope site.

While we know of no instances of this happening and the actual security of the Zope site's data is not affected by this, we do recommend that you upgrade to 2.1.4 to avoid any problems.

Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)