CHANGES.txt

Zope Changes

This file contains change information for the current Zope release.
Change information for previous versions of Zope can be found in the
file HISTORY.txt.

Zope 2.6.3 final

Bugs Fixed

- Browsers that do not escape html in query strings such as
Internet Explorer 5.5 could potentially send a script tag in a
query string to the ZSearch interface for cross-site scripting.

- FilteredSets (used within TopicIndex) are defined via an expression,
which was naively eval'ed.

- The ZTUtils SimpleTree decompressed tree state data from the
request without checking for final size, which could allow for
certain types of DoS attacks.

- Inadequate security assertions on administrative "find" methods
could potentially be abused.

- Some improper security assertions on DTMLDocument objects could
potentially allow access to members that should be protected.

- Class security was not properly initialized for PythonScripts,
potentially allowing access to variables that should be protected.
It turned out that most of the security assertions were in fact
activated as a side effect of other code, but this fix is still
appropriate to ensure that all security declarations are properly
applied.

- The dtml-tree tag used an "eval" of user-supplied data; its
efforts to prevent abuse were ineffective.

- XML-RPC marshalling of class instances used the instance
__dict__ to marshal the object, and could include attributes
whose names are prefixed with an underscore. These attributes are
considered private in Zope and should generally not be disclosed.

- Some property types were stored in a mutable data type (list) which
could potentially allow untrusted code to effect changes on those
properties without going through appropriate security checks in
particular scenarios.

- Inadequate type checking could allow unicode values passed to
RESPONSE.write() to be passed into deeper layers of asyncore,
where an exception would eventually be generated at a level that
would cause the ZServer main loop to terminate.

- The variables bound to page templates and Python scripts such as
"context" and "container" were not checked adequately, allowing
a script to potentially access those objects without ensuring the
necessary permissions on the part of the executing user.

- Iteration over sequences could in some cases fail to check access
to an object obtained from the sequence. Subsequent checks (such
as for attributes access) of such an object would still be
performed, but it should not have been possible to obtain the
object in the first place.

- List and dictionary instance methods such as the get method of
dictionary objects were not security aware and could return an
object without checking access to that object. Subsequent checks
(such as for attributes access) of such an object would still be
performed, but it should not have been possible to obtain the
object in the first place.

- Use of 'import as' in Python scripts could potentially rebind
names in ways that could be used to avoid appropriate security
checks.

- A number of newer built-ins (min, max, enumerate, iter, sum)
were either unavailable in untrusted code or did not perform
adequate security checking.

- Unpacking via function calls, variable assignment, exception
variables and other contexts did not perform adequate security
checks, potentially allowing access to objects that should have
been protected.

- DTMLMethods with proxy rights could incorrectly transfer those
rights via acquisition when traversing to a parent object.

- Backport Python 2.3 test fix to
lib/python/Products/PluginIndexes/DateIndex: deal with the fact
that in Python 2.3, int can return a long instead of throwing
OverflowError.

- Backport Python 2.3 test fix to
lib/python/Products/PageTemplates/tests: fix spurious error in
PageTemplates; no longer rely on the str() of exception objects
since the value of their str() is not part of their API, and can
vary between Python releases.

- The compilezpy.py no longer dies when a file it tries to compile
has errors.

- AccessControl.User used a misleading string exception,
'NotImplemented', which shadowed the Python builtin.

- Fixed startup code which masked some exceptions as "AttributeError:
__error_log__".

- Backported 'cleanup' method / function to ZODB/FileStorage.py.

- Backported fix for Collector #387: "Changing base classes of ZClasses"

- Backported fix for Collector #1005: "dav__allprop and dav__propstat
in PropertySheets.py"

- Reordered #includes in AccessControl/cAccessControl.c to silence
warnings (due to including Python.h too late).

- Backported fix for collector #761 / 338:
"'AccessControl.ClassSecurityInfo.declareProtected(perm)' behaves like
'AccessControl.ClassSecurityInfo.declareObjectProtected(perm)'"
(tended to remove access in very confusing ways).

- Backported a fix to ExtensionClass.subclass_compare():
As reported by Neil Schemenauer, instances of an ExtensionClass
type that get into this code can raise RuntimeWarning
under Python 2.3, because the comparison result may be outside
the set {-1, 0, 1}. Worse, on a box where
sizeof(ptrdiff_t) > sizeof(int) (all 64-bit platforms), comparison
results across a set of objects could be inconsistent because the
implicit cast of pointer subtraction to int loses the
information-carrying sign bit.

- ConflictError was swallowed in ObjectManager by
manage_beforeDelete and _delObject. This could break code
expecting to do cleanups before deletion.

- Collector #1079: Fixed BaseRequest's traversal loop to avoid some
infinite loop scenarios.

- Revert feature introduced in Zope 2.6.2 b3 of never updating
metadata if index is specified in catalog_object. This broke
several applications. Instead, we provide the catalog_object
method (and the Catalog.py's catalogObject method) with an
update_metadata keyword argument. If the update_metadata
keyword argument is set false (the default is true), metadata
is not updated.

- Collector #851: Traversable.py: A bare try..except shadowed
conflict errors

- Collector #1058: Several fixes for PropertySheets when used
outside ZClasses (includes minor UI changes for DTMLMethod and
DTMLDocument edit forms).

- Collector #1053: parseIndexRequest turned empty sequence of search
terms into unrestricted search.

- changed some bare try: except:'s in Shared.DC.ZRDB.Connection
so that they now log exceptions that occur.

Zope 2.6.2 beta 5

Bugs Fixed

- ZClasses that subclassed ObjectManager that were created in
earlier versions of Zope would not load under 2.6, due to
the new Interfaces package. Added back a simple stub module
and changed a constructor to allow these ZClasses to work.

- Collector #823: XMLRPC exception string marshalling bug fix
backported from head

Zope 2.6.2 beta 4

Bugs Fixed

- Collector: #964: standard_error_message refers to looking into the
HTML code for more information which is deprecated. Referring to
the error log now.

- Collector #959/#514: calling has_permission on a user object
did not use the user object instance to check the permission;
rather, it used the currently logged in user :(

- Fixed a potential bug in ZTUtils.Tree.decodeExpansion where a
potentially empty string was tested for its first character; used
.startswith for safety.

Zope 2.6.2 beta 3

Backward incompatibilities

- We no longer honor local security settings that would allow
someone to join or leave versions unless the location of the
settings is a folder directly or indirectly containing the
user's user folder.

Bugs Fixed

- Collector #893: Mailhost: munge_header has been broken for addresses
containing the recipient's full name

- Collector #953: fixed namespace collision with form_title in ZMI

- Collector #956: automatically installing Examples at startup
could be a security risk. Examples now must be installed
explicitly by the user (thanks to Jamie Heilman and day0).

- Collector #954: clear() method of TopicIndex removed all filter sets
instead of clearing them.

- Collector #882: Fixed typo in PropertySheets

- Collector #939: Fixed typo in TopicIndexes

- Collector #937: UnicodeError exception available within PythonScripts

- Collector #902: recursive Scripts were broken due to shared globals.

- Product initialization would only consult a file named "version.txt"
to read version information. Now it will check version.txt, VERSION.txt
and VERSION.TXT.

- Make ZCTextIndex much less prone to generating conflict errors.
Previously *any* concurrent updates would provoke a conflict.

- Fix query performance and scalability bug in ZCTextIndex.

- Collector #928: DateIndex ignored timezones when indexing and
querying

- Any write request could be tricked into writing into a version
by setting a version cookie or by including a version name in
the request. Now we require the user to globally have
permission to join or leave versions to run a request in a
version.

- Fixed a problem with potentially mis-acquiring 'func_code' in
publisher BeforeTraverse hook.

- Fix for issue 683: Image cache manager headers were not sent
when an image request returned a 304 (in response to an if-mod-since
request).

- Made all PluginIndexes and ZCTextIndex use 'safe_callable',
which is aware of extension classes that fill 'tp_callable'
but don't define '__call__'.

- Made KeywordIndex be more robust about receiving a value that
is not a string or an iterable type.

- Fixed incorrect docstring in OFSP/Image help.

- Fixed unhelpful signal description.

Zope 2.6.2 beta 2

Bugs Fixed

- TemporaryStorage (which is used by TemporaryFolder, and thus
the default sessioning configuration) no longer uses a
"LowConflictConnection" database connection. This fixes
a bug in which data structures used for session housekeeping
data could become desynchronized; the symptom for this was
KeyErrors being raised from TransientObjectContainer's 'get'
method. As a result, many more conflicts will be raised under
high session load, but desynchronization will not occur.

- Fix potential performance bug in PathIndex.

- Scored result sets from catalog (i.e., from text indexes) can now be
merged and sorted together across queries like unscored results.

- Fixed a memory leak in TALES. If an exception propagated from
a tal:repeat block, an uncollectable cycle held a reference to
everything in the TALES context.

- If you're running in development mode, Zope will now
raise an exception if a product cannot be initialized properly
instead of silently continuing. This is to prevent a debugging
frenzy in which you spelunk through one or more half-initialized
modules wondering why the class you wanted isn't part of the
module namespace. If not in development mode, the process
continues silently.

- Though Python 2.2.2 is not officially supported, a potential
issue was found when running under 2.2.2. Some built-in types
gained docstrings in the 2.2.2 release, making them
publishable where they weren't publishable before. A fix has
been added to the publisher to ensure that the types of
objects that are publishable do not change between 2.1 and
2.2.


Zope 2.6.2 beta 1

Bugs Fixed

- Fixed bug in Missing.Value object that caused a segfault when
it was compared with certain builtin types, like unicode.

- Refactored interface check in ZCatalog indexes view so it is
no longer broken by the new Zope3 interface logic.

- Setting multiple selection properties with nothing selected now
stores an empty list instead of an empty string value.

- Database invalidations are processed atomically. Each
transaction will see all the changes caused by an earlier
transaction or none of them. Before this patch, it was
possible for a transaction to see invalid data because it saw
only a subset of the invalidations. This is the most likely
cause of reported BTrees corruption, where keys were stored in
the wrong bucket. When a BTree bucket splits, the bucket and
the bucket's parent are both modified. If a transaction sees
the invalidation for the bucket but not the parent, the BTree
in memory will be internally inconsistent and keys can be put
in the wrong bucket. The atomic invalidation fix prevents
this problem.

- Trying to store an object of a non-integer type into an
IIBTree or OIBTree could leave the bucket in a variety of
insane states. For example, trying

b[obj] = "I'm a string, not an integer"

where b is an OIBTree. This manifested as a refcount leak in
the test suite, but could have been much worse (most likely in
real life is that a seemingly arbitrary existing key would "go
missing").

When deleting the first child of a BTree node with more than
one child, a reference to the second child leaked. This could
cause the entire bucket chain to leak (not be collected as
garbage despite not being referenced anymore).

Other minor BTree leak scenarios were also fixed.

- Collector #683: WebDAV requests without an XML preamble
were not recognized by Zope and raised an exception.

- Fix small bug related to ZCTextIndex attempting to index the
results of a callable. Do not attempt to index None.

- Fixed performance degradation when unindexing objects from ZCTextIndex.

- Improved failure mode of (un)restrictedTraverse to aid debugging.

- Collector #256 encrypted password bug routed to 2.6 branch

- Interface package: isImplementedBy() returned None instead of 0.

- Collector #814: PathIndexes now uses IITreeSet instead of
IISet. This should result in less memory usage.

- Collector #816: dtml-sendmail corrupted header if message was
left blank.

- Fixed a whitespace problem in Z2.log (AWStats failed to process
Zope logfiles)

- It was possible for a transaction that failed in tpc_finish()
to lose the traceback that caused the failure. The
transaction code was fixed to report the original error as
well as any errors that occur while trying to recover from the
original error.

- Two small bugs were fixed in DemoStorage. undoLog() did not
handle its arguments correctly and pack() could accidentally
delete objects created in versions.

- Fixed trivial bug in fsrecover that prevented it from working at all.

- FileStorage will use fsync() on Windows starting with Python 2.2.3.

- FileStorage's commit version was fixed. It used to stop after
the first object, leaving all the other objects in the
version.

- Collector #892: misleading error msg when initializing an OIBTree
from a dict with a float value. The message claimed that the
dict's items didn't consist of 2-element tuples, but of course
they do. The TypeError now says "expected integer value".

- Backport of ZODB fix for Collector #875, where packing to a point
before an UNDO transaction can lead to objects improperly being
left out of the packed database (the UNDO maintained a history pointer
to an object that had been deleted by pack).

Zope 2.6.1

Features added

- DateTime objects now have a tzoffset() method that returns the object's
timezone offset from GMT in seconds.

- Fixed bug that caused problems for non-latin1 users who are not
yet using unicode. Plain string properties were always rendered as
latin-1. The management_page_charset property is now an officially
accepted migration tool.
A disadvantage of this change is that it is no longer possible
to supply an initial value to unicode properties.
This fixes Collector #737, #598, and #623
This change was debated here:
http://lists.zope.org/pipermail/zope-dev/2002-December/018261.html

- The Transaction "hosed" feature is disabled in this release.
If a transaction fails during the tpc_finish() it is not
possible, in general, to know whether the storage is in a
consistent state. For example, a ZEO server may commit the
data and then fail before sending confirmation of the commit
to the client. If multiple storages are involved in a
transaction, the problem is exacerbated: One storage may
commit the data while another fails to commit. In previous
versions of ZODB, the database would set a global variable
"hosed" that prevented any other transaction from committing
until an administrator could check the status of the various
failed storages and ensure that the database is in a
consistent state. This approach favors data consistency over
availability. The new approach is to log a panic but
continue. In practice, availability seems to be more
important than consistency. The failure mode is exceedingly
rare in either case.

- The BTrees-based fsIndex for FileStorage is enabled. This
version of the index is faster to load and store via pickle
and uses less memory to store keys. We had intended to enable
this feature in an earlier release, but failed to actually do
it; thus, it's getting enabled as a bug fix now.

- A value-based consistency checker for BTrees was added. See
the module BTrees.check for the checker and other utilities
for working with BTrees.

- The ZEO server has an optional timeout feature that will abort
a connection that does not commit within a certain amount of
time. The timeout works by closing the socket the client is
using, causing both client and server to abort the transaction
and continue. This is a drastic step, but can be useful to
prevent a hung client or other bug from blocking a server
indefinitely.

Bugs Fixed

- Collector #721: preserve syntactically valid character entities
in attributes.

- I18n interpolation now tries to deal with the case where there
is a mix of Unicode and non-ascii string that are incompatible
(because the encoding of the latter is unknown) by substituting
a representation of the non-ascii string.

- I18n interpolation doesn't fail anymore if an i18n:name is not
provided; the ${string} in the translation is just left as is.

- Collector #696: tal:replace of a non-string (a number for
example) associated with an i18n:name failed to be interpolated
properly.

- If a client was disconnected during a transaction, the
tpc_abort() call did not properly reset the internal state
about the transaction. The bug caused the next transaction to
fail in its tpc_finish().

- The performance of full cache verification has improved
dramatically. XXX Get measurements from Jim -- somewhere in
2x-5x recall. The implementation was fixed to use the
very-fast getSerial() method on the storage instead of the
comparatively slow load().

- Two rare bugs were fixed in BTrees conflict resolution. The
most probable symptom of the bug would have been a segfault.
The bugs were found via synthetic stress tests rather than bug
reports.

- Transience's '_getCurrentBucket' implementation had a bug which
could cause more work to be performed than necessary
(incorrect computation of "plast" variable).

- Role.py's get_valid_userids method (used by the local roles
machinery) mistakenly used the name 'acl_users' to locate a user
folder instead of the internal '__allow_groups__' alias.

- Collector #771: ZCatalog failed to index DTML Document if the name
of a catalog metadata was identical with the name of an acquired
object.

- Collector #740: DateTime now handles positive numerical
timezones correctly.

- Collector #763: There was no error when you had a sendmail-tag
without specifying a mailhost or smtphost. Also added a
missing import.

- Fixed a bug in restrictedTraverse() that sometimes led to an
AttributeError instead of prompting the user for credentials.

- Fixed a memory leak in ZODB related to product refresh: when
the ZODB cache was reset, ZODB still held unnecessary references
to the old cache.

- Collector #730: Exceptions are once more logged with their
tracebacks.

- Collector #686: intSets no longer lose their values.

- Collector #685: Improved documentation explaining how, where and
why security assertions should be placed in:
lib/python/Products/PythonScripts/README.txt
lib/python/Products/PythonScripts/module_access_examples.py

- Collector #736: ZPublisher now allows marshalling tags to contain
a '-'. This is the first step towards a fix for Collector #737

- Collector #714: CopySupport's manage_clone now calls
manage_afterClone in the same way that manage_pasteObjects does.

- Collector #322: made the error message you get when you try to
use 'client' as a ZSQLMethod argument more meaningful.

- Collector #479: ZCatalog catalog tab now shows "Unknown" in
the type column when it doesn't have a meta_type metadata
value for a cataloged object, rather than the type of the
catalog itself.

- Fix bug concatenating Lazy result sets. Also made len potentially
less expensive for LazyCat objects.

- Collector #697: Multiple selection properties were incorrectly
marshalled. Note that any non-ascii multiple selection properties
modified in versions without this fix will have been corrupted in
the zodb. (This fix was subsequently changed with the fix to #737,
just before release of 2.6.1 beta 2. Thanks to Maik Jablonski)

- Collector #256: Added a check in _doChangeUser to make sure
passwords aren't encrypted twice.

- Collector #700: History tab of Historical objects caused error
in storages that did not support history.

- Collector #595: There was insufficient quoting in some dtml
files.

- Collector #561: Ensured that all HTTP headers are sent as normal
strings and not Unicode (thanks to Lalo Martins).

- Modify the ZRDB TM class to turn off warnings that Zope DAs do not
have a sortKey() method.

Zope 2.6.1 beta 1

Bugs Fixed

- VirtualHostMonster handles empty Mapping paths properly.

- Fixed a bug in ZCTextIndex when trying to raise an error when
finding the lexicon failed.

- Major speedups to Catalog sorting code. Sorting will consume less
memory as well.

- Collector #597: ZCTextIndex splitters now honor the locale setting
for proper splitting of non-English text.

- Deadlock prevention code added.

It was possible for earlier versions of ZODB to deadlock when
using multiple storages. If multiple transactions committed
concurrently and both transactions involved two or more shared
storages, deadlock was possible. This problem has been fixed
by introducing a sortKey() method to the transaction and
storage APIs that is used to define an ordering on transaction
participants. This solution will prevent deadlocks provided
that all transaction participants that use locks define a
valid sortKey() method. A warning is raised if a participant
does not define sortKey(). For backwards compatibility,
BaseStorage provides a sortKey() that uses __name__.

- Fixed bug in FileStorage related to object uncreation. An
attempt to load an uncreated object now raises KeyError.

- Fixed a couple bugs in FileStorage recover() that wrote
incorrect backpointers.

- Fixed data_txn attribute of iterator data records to use
the transaction id of the previous transaction, even if it
also has a data_txn field.

- Fixed conflict resolution bug that raised a NameError when a
class involved in a conflict could not be loaded.

- Fixed C extensions that included standard header files before
Python.h, which is not allowed.

- Added code to ThreadedAsync/LoopCallback.py to work around a
bug in asyncore.py: a handled signal can cause unwanted reads
to happen.

- Collector #651: WebDAV Lock Manager was broken.

- Collector #646: metal:slot was lost during the I18n merge.

- Collector #640: Fix security assertion on ZCTextIndex query method.

- Delayed opening the ZODB until after the "Zope" module has
been imported, fixing a deadlock issue involving ZEO. The
"Zope" module now has a "startup()" function.

- Fixed a NameError in the recent change to DateTime.rfc822().

- Made DateTime.rfc822() simpler and independent of local timezone.

- Fixed bug in Transience reported by kedai which caused spurious
KeyErrors under heavy sessioning usage.

- Fixed bug in the Interface Verify package; base interfaces were not
included in an interface compliancy test.

- Collector #650: Fixed implicit list marshalling for lists where the
first two values are tainted.

- Collector #671: HTTP Ranges were broken for files and images whose
length wasn't exactly divisible by 2**16.

- ModuleSecurityInfo declarations could be lost if further declarations
were made after the Info object already had been applied. Such
additional declarations could take place in Python trusted code run
after Zope startup or during a Product refresh.

- Collector #699: MailHosts created in 2.5 break in 2.6.

- Collector #694: dtml-sendmail mailto specification replaces
"To:" header.

- Collector #703: KeyErrors raised when unindexing a PathIndex (and
TopicIndexes) should be swallowed and logged.

Zope 2.6.0

Bugs Fixed

- Caused many places throughout the code base to use
calls to user.getId() rather than user.getUserName(). With
most (all?) user folder implementations today, this will have
no behavioral change, as getId is always aliased to getUserName.
However, this makes it possible to write user folder
implementations which make the distinction between the user's
id and the user's name. These user folders will allow users
to change names independent of their identity.

- WebDAV Lock Manager actually gives the user a chance to
specify a starting path **before** searching for locks,
shortening query times and memory usage in large Zope
instances.

- PageTemplateFiles were previously owned by whatever object
contained them. This resulted in very hard bugs if the user who
owned the container was removed. Since PageTemplateFiles come
from the filesystem, they are now "unowned", similar to
DTMLFiles. Security is still applied, but now it is applied
correctly.

- Collector #411: DateTime.rfc822 is not rfc822 compliant

Zope 2.6.0 beta 2


Bugs Fixed

- The ability to add multiple select properties to
PropertyManagers was broken (issue 612).

- Removed the signal handler hung off USR1 for packing the database.
This feature proved dangerous as the pack operation would happen in
the main thread, causing all asyncore operations to stop until it
was finished.

- Collector #372: tal:attributes failed when combined with tal:replace.

- Don't try to close network connections in the signal handler
for shutdown. This hosed ZEO clients.

- Collector #292: PythonScript.write() didn't properly refresh bindings.

- Dumb bug in zdaemon fixed in which it would try to kill
process numbers 1, 2, 3, 10, 12, and 15 when it caught a
signal related to any of these signal numbers. Instead, it
actually tries now to kill its child process with the same
signal.

- Write pidfiles out with trailing newlines.

- Fix setVirtualRoot in the face of unicode paths (such as occur
during an XML-RPC request).

- Collector #539: Fixed rendering of TAL namespace tags with an
'on-error' statement.

- Collector #586: Generated 'start' scripts had a nonsensical
export of an "INST_HOME" environment variable.

- Collector #580: TALES evaluateBoolean() was squishing 'default'.

- Collector #581: TALES Path traversal should not special-case a blank
string in the second element position. It now skips directly
to item access when a path element is blank or has a leading '_'.

- Fixed inconsistent attribute access in TALES Paths.

- Deprecated hasRole alias failed to return result.

- Collector #538: Hybrid path expressions no longer attempt to call
a value returned by the final, non-path alternate.

- Collector #573: ZTUtils Iterator didn't catch AttributeError.

- Collector #517: The properties page incorrectly rendered properties
with non-latin1 values if there were no unicode properties defined,
and incorrectly processed properties with non-ascii names.

- ZTUtils.SimpleTree could not build a tree with a root other than the
ZODB root object. Also, filter functions didn't work at all, let
alone in accordance with the documentation in the code.

- Collector #603: ZTUtils.Tree.encodeExpansion encoded depth with '.'
characters, but decodeExpansion could possibly see an encoded node
id as an encoded depth when that encoded id started with a '.'.

- Collector #605: ZTUtils.Tree.decodeExpansion set no limits on the
string to be decoded, allowing for a DoS attack with very large
strings.

- The fix for issue #144 broke the ability to create an empty Image or
File object. This functionality is now re-enabled.

- ZTUtils.Zope.TreeSkipMixin allows you to skip unauthorized objects in
the tree, but the filter wasn't applied when trying to filter candidate
child nodes through a custom setChildAccess filter.

- Emails sent through MailHost now automatically include a Date header if
not already present, in compliance with RFC822 and RFC2822.

Features Added

- Add optional 'relative' argument to the getURL method in
CatalogBrains. This allows it to generate site-relative URLs
like absolute_url can.

- ZTUtils.Tree.encodeExpansion now will use zlib compression by default,
allowing for a far larger number of open tree states to be encoded.
decodeExpansion handles compressed expansion states automatically.

- ZTUtils.Tree.TreeMaker now has additional methods for setting
various flags and attributes that influence how the tree is built,
making these aspects accessible to PythonScripts.

- ZTUtils.Tree.TreeMaker has a new method setStateFunction, which
allows you to set a callback function that can influence the state
(open, closed, leaf) of each node in the tree.

- Pidfile handling improved. When Zope is started under
zdaemon, it no longer writes its own pidfile. Instead, it
passes in the path to Z2.pid to zdaemon as its pidfile name.
The 'zProcessManager.pid' file is no longer ever written.
This caused a change to the -Z option of z2.py which should be
mostly backwards-compatible (unless people were relying on
zProcessManager.pid to be written). Now the -Z option is a
boolean. -Z1 means use a daemon. -Z0 means don't. The
default is -Z1.
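
The ZTUtils tree-state entries in this file (Collector #605 and the zlib compression feature above, and the SimpleTree fix in Zope 2.6.3) come down to two separate limits: one on the encoded string taken from the request, and one on the size it decompresses to. The following is an added example, not ZTUtils code and not part of the original file: the token format (urlsafe base64 over zlib), both limit values and all function names are assumptions made for illustration.

```python
import base64
import binascii
import zlib

# Both limits are assumed values for this example, not Zope's.
MAX_ENCODED = 8192         # cap on the request value before any decoding
MAX_DECODED = 64 * 1024    # cap on the decompressed tree state


class TreeStateError(ValueError):
    """A client-supplied tree state was rejected."""


def encode_state(node_ids):
    """Pack expanded node ids: newline-joined, zlib, urlsafe base64 (assumed format)."""
    raw = "\n".join(node_ids).encode("utf-8")
    return base64.urlsafe_b64encode(zlib.compress(raw, 9)).decode("ascii")


def decode_state(token, max_encoded=MAX_ENCODED, max_decoded=MAX_DECODED):
    """Return the list of expanded node ids, or raise TreeStateError."""
    # Limit 1: bound the input string before doing any work on it.
    if len(token) > max_encoded:
        raise TreeStateError("encoded state too long")
    try:
        packed = base64.urlsafe_b64decode(token.encode("ascii"))
    except (binascii.Error, UnicodeEncodeError) as exc:
        raise TreeStateError("not valid base64") from exc

    # Limit 2: bound the output. A short input can still inflate to
    # megabytes, so ask zlib for at most max_decoded + 1 bytes; getting
    # that extra byte proves the stream is larger than allowed, and the
    # rest of it is never inflated.
    inflater = zlib.decompressobj()
    try:
        raw = inflater.decompress(packed, max_decoded + 1)
    except zlib.error as exc:
        raise TreeStateError("not valid zlib data") from exc
    if len(raw) > max_decoded:
        raise TreeStateError("decompressed state exceeds limit")
    if not inflater.eof:
        raise TreeStateError("truncated zlib stream")
    if inflater.unused_data:
        raise TreeStateError("trailing data after zlib stream")

    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError as exc:
        raise TreeStateError("state is not UTF-8") from exc
    return text.split("\n") if text else []


def classify(token):
    """Return 'ok' or the rejection reason for a token."""
    try:
        decode_state(token)
    except TreeStateError as exc:
        return str(exc)
    return "ok"


def constructed_samples():
    """Constructed inputs: one valid state and three that must be rejected."""
    good = encode_state(["/site/docs", "/site/docs/api", "/site/news"])
    # About 1 KB on the wire, 1 MB once inflated: passes limit 1 only.
    bomb = base64.urlsafe_b64encode(
        zlib.compress(b"A" * 1_000_000, 9)).decode("ascii")
    oversized = "A" * (MAX_ENCODED + 1)
    not_zlib = base64.urlsafe_b64encode(b"plain text, not zlib").decode("ascii")
    return {"good": good, "bomb": bomb,
            "oversized": oversized, "not_zlib": not_zlib}


if __name__ == "__main__":
    for name, token in constructed_samples().items():
        print("%-10s len=%-6d %s" % (name, len(token), classify(token)))
```

The length check alone does not stop the "bomb" sample, which is why the 2.6.3 entry for SimpleTree is a separate fix from Collector #605.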

Zope 2.6.0 beta 1

Bugs Fixed

- Collector #587: fixed wrong migration to string methods in
DTMLMethod.py

- Collector #583: Searching for '/' with PathIndexes failed.

- Fixed bug in manage_editProperties which used an incorrect default
for several types of property when they were not found in the
REQUEST.

- Collector #574: Fixed write on HEAD requests caused by overzealous
ETag support.

- Fixed bug in z2.py where it would eat certain socket error exceptions
at startup.

- Collector #550: Exceptions in XML-RPC requests no longer invoke
standard_error_message. Plain text error messages are instead added to
the fault string. In debug mode, a full traceback is also included
since access to the error log is not a given for XML-RPC developers.

- Collector #512,541: Fixed broken WebDAV compatibility
with Cadaver 0.20.X due to a missing Lock-Token header.

- Zope Page Templates set a 'content-type' header even if
the result of their execution was not rendered to the browser.
We now check to make sure a content-type header is not
already set before allowing a page template to set its own.

- The title_or_id attribute of browser id managers and
session data managers is now accessible publicly.

- Collector #510: When Python scripts and other "Script" objects were
acquired during URL traversal, the __before_publishing_traverse__ code
did not properly stop traversal at the script and populate
traverse_subpath with the remaining url path elements.

- Collector #238: Version Save and Discard buttons were too
close to each other in Version management screens.

- The "Add Browser ID Manager" permission was renamed to
"Add Browser Id Manager".

- Collector #437: dtml-sqltest now renders 'v not in (b,c)'
when used as <dtml-sqltest v type=... multiple op=ne>.
Previously, a sqltest for inequality would render 'v <> b'
when a single value was submitted, but would render
'a in (b,c)' when multiple values were present and the
'multiple' switch was set.

- Collector #478: Z Search Interfaces with no parameters are now
generating correct HTML.

- Collector #448: Z Search Interfaces created as PageTemplates
have a correct title, not a fragment of dtml.

- Fixed brokenness of session data manager hasSessionData method.
The old method created a session data object as a result of the
call; it does not now.

- Collector #458: Fixed broken reindex_all in CatalogAwareness classes.

- The default "start" script now causes the event log to be sent to
standard output unless the "EVENT_LOG_FILE" or "STUPID_LOG_FILE"
environment variable is found in the environment.

- The much-hated name "STUPID_LOG_FILE" now has a preferred
alias: "EVENT_LOG_FILE".

- Collector #454: The "default" session_data transient object
container was not created if an object named "session_data"
existed in the root.

- Restored behavior of ZCatalog when arguments with empty string are
passed in to searchResults. These values are now ignored. If only
empty string values are passed to searchResults, then it returns all
results (it is assuming what was passed is essentially an empty
filter).

- Collector #160: Allow TemporaryStorages to participate
when a version is active.

- Collector #446: Fixed management security assertions on
ZCatalogIndexes class.

- The BTree module functions weightedIntersection() and
weightedUnion() now treat negative weights as documented. It's
hard to explain what their effects were before this fix, as
the sign bits were getting confused with an internal
distinction between whether the result should be a set or a
mapping.

- New "Transience" (session data storage) implementation.
More reliable under high load.

- Collector #402: PythonScript recompile utility should only be
usable by Manager to prevent abuse.

- Collector #433: Fixed broken Splitter backwards compatibility
issue caused by code cleanup.

- Collector #151: The Python 2.1 / 2.2 fcntl compatibility hacks
were bypassed when using medusa directly without importing
ZServer first (as when using monitor_client.py).

- Collector #72: Start on Windows 95 machines with no network
devices installed.

- Collector #79: Don't swallow App.FindHomes exceptions.

- The set operation difference(X, None) was returning None
instead of returning X, contradicting the docs and common
sense. difference(None, X) continues to return None.

- Fix bug in ISO_8859_1 splitter which corrupted storage on
initialization.

- Collector #421: Storage leak in cAccessControl

- FileLibrary and GuestBook example applications gave anonymous
users the Manager proxy role when uploading files - a potential
vulnerability on production servers.

- Exceptions that use untrusted information from a REQUEST object in
the exception message now html-quote that information.

- Stop leaking FastCGI Authorization header in environment to
prevent password compromise

- #178: Don't compile PythonScripts in skins directories

- Fixed the help registration system and Zope tutorial to honor
the environment variables, FORCE_PRODUCT_LOAD, and ZEO_CACHE,
that affect whether products are installed in the database at
application startup.

- Collector #547: xmlrpclib SlowParser should also handle CDATA
sections.

- Collector #525: Don't mask Unauthorized exceptions as XML-RPC faults.
Fix based on patch from Brad Clements.

- Collector #465: Allow XML-RPC requests with no <params /> tag.

- Collector #528: Don't clear REQUEST_METHOD for XML-RPC requests;
instead check for an XML-RPC Response object in
BaseRequest.traverse.

Features Added

- Browser ids can now be encoded in the URL and Zope can be
instructed to automatically include the browser id in its
generated URLs.

- Browser Id Managers now provide a saner way to obtain a
hidden form element which encodes the browser id name and
browser id. An interface method named "getHiddenFormField"
on browser id managers now exists which returns a snippet of
HTML as a hidden form field that encodes these values.

- A Site Error Log object is now created in the root at Zope
startup time.

- Added 'url_unquote' and 'url_unquote_plus' modifiers
to DTML (also fmt=url-unquote and fmt=url-unquote-plus),
and made the same functions available in the PythonScripts.standard
module.

- Collector #186: Added urlencode to the standard importables for
Python scripts.

- <dtml-var name> and &dtml.-name; will now automatically HTML-quote
unsafe data taken implicitly from the REQUEST object. Data taken
explicitly from the REQUEST object is not affected, as well as any
other data not originating from REQUEST. This can be disabled (at
your own risk!) by setting the environment variable
ZOPE_DTML_REQUEST_AUTOQUOTE to one of 'no', '0', or 'disabled'.

- ZCatalog index management UI is now integrated into ZCatalog rather
than being a subobject management screen with different tabs.

- ZCTextIndexes can now be instantiated without constructing a silly
"extra" record object if desired.

- SimpleItem class now passes a new argument "error_log_url" to
the standard_error_message template on error. If the site contains
an error log object, this will contain the url to the applicable log
entry for the error.

- The IOBTree module also supports multiunion() now.

- BTrees and TreeSets are complex objects, with parent->child
pointers, sibling pointers, and multi-level parent->descendant
pointers. About half the pointers are formally redundant, but
speed up operations. BTrees and TreeSets now support a ._check()
method, which does a thorough job of examining all these
pointers for consistency. It raises AssertionError if it finds
any problems, else returns None. In Zope 2.5, in rare cases a
key deletion could leave these internal pointers in an
inconsistent state (what was supposed to be redundant
information became conflicting information). The most likely
symptom was that tree.keys() would yield an object that
disagreed with the tree about how many keys there are.
tree._check() can be used if you suspect such a problem (and if
you find one, rebuilding the tree is the best solution for now).

- Added support for the ZOPE_HOME environment variable, which
points to the Zope root, where the ZServer package and default
imports may be found.

- Collector #516 -- "title" property on image tags

- Collector #117 -- change External Method DTML to name="id" vs
unquoted id

- Collector #61 -- manage_PasteObjects now returns a list of dictionaries
containing {'id':original_id,'new_id':newly_pasted_obj_id} when called
with REQUEST=None

- Changed FORCE_PRODUCT_LOAD so that if it is set, it determines
whether products are installed regardless of whether ZEO_CACHE is
set. This means that you can disable product installation by setting
FORCE_PRODUCT_LOAD to an empty string even if you are not using a
ZEO persistent cache.

Documented FORCE_PRODUCT_LOAD

- xmlrpclib has been updated to the Python 2.2 version, which includes
support for the Expat parser for unmarshalling data, which speeds up
things considerably.

- Binary builds for Linux are now built against glibc 2.1.3 with large
file support enabled.

- Binary builds for Solaris are now built against Solaris 8 with large
file support enabled.

- Added i18n support in TAL processing
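
The REQUEST auto-quoting entry in this feature list separates implicit lookups from explicit ones. The sketch below is an added example written for this page, not Zope's DTML code; the Tainted marker, the Namespace class, the "REQUEST.name" shorthand for an explicit lookup, and the rule that a string containing '<' counts as unsafe are assumptions of the sketch.

```python
import html
import os

# Opt-out values listed in the changelog entry.
OPT_OUT = ("no", "0", "disabled")


class Tainted(str):
    """Marker for a string found by implicit lookup in REQUEST (sketch only)."""


class Namespace:
    """Simplified DTML-style namespace: template variables, then REQUEST."""

    def __init__(self, variables, request):
        self.variables = variables
        self.request = request

    def lookup(self, name):
        if name in self.variables:
            # Data that does not originate from REQUEST is left alone.
            return self.variables[name]
        value = self.request[name]  # implicit fallback to REQUEST
        # Assumption: "unsafe" means the value could open an HTML tag.
        if isinstance(value, str) and "<" in value:
            return Tainted(value)
        return value


def autoquote_enabled(environ):
    return environ.get("ZOPE_DTML_REQUEST_AUTOQUOTE") not in OPT_OUT


def render_var(ns, expr, environ=None):
    """Render one variable reference.

    A bare name is an implicit lookup; "REQUEST.name" (hypothetical
    shorthand) stands for a template author naming REQUEST explicitly.
    """
    environ = os.environ if environ is None else environ
    if expr.startswith("REQUEST."):
        # Explicit access: quoting stays the template author's job.
        return str(ns.request[expr[len("REQUEST."):]])
    value = ns.lookup(expr)
    if isinstance(value, Tainted) and autoquote_enabled(environ):
        return html.escape(str(value))
    return str(value)


if __name__ == "__main__":
    # Constructed request data and template variables.
    request = {"q": "<script>probe()</script>", "page": "2"}
    ns = Namespace({"title": "<b>Results</b>"}, request)
    for expr in ("q", "REQUEST.q", "title", "page"):
        print(expr, "->", render_var(ns, expr, environ={}))
```

Only the bare-name lookup of "q" comes back quoted; the explicit lookup and the template's own "title" markup pass through unchanged, which is the split the entry describes.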

Zope 2.6.0 alpha 1

Features Added

- The IIBTree module has a new multiunion function. It accepts
a sequence of sets, treesets, etc, and returns the union of
the keys of these objects, as an IISet. It's designed
for peak speed when the input sequence contains many objects.

- Set the default sys checkinterval to a higher value (500) to
take better advantage of faster processors. Since there is no
way to scientifically determine a number that works best for
everyone, this at least should err on the side of better
performance "out of the box" for higher-end production
systems.

Note that you can always use the -i argument to z2 to change
the check interval.

- Added support for gzip content compression for clients that
support it. See lib/python/ZPublisher/HTTPResponse.py for more
details.

- Added ZCTextIndex plug-in index product. A replacement for TextIndex.

- Removed the venerable but senile QuickStart folder from the
default FileStorage. "Alas, poor Yorick! I knew him, Horatio."

- Signal handling and log rotation

All Zope processes will respond to signals in the specified manner:

SIGHUP - close open database connections and sockets, then restart the
process

SIGTERM - close open database connections and sockets, then shut down.

SIGINT - same as SIGTERM

SIGUSR2 - rotate all Zope log files (z2.log, event log, detailed log)

The common idiom for doing automated logfile rotation will become:

kill -USR2 `cat /path/to/var/z2.pid`

The common idiom for doing "prophylactic" restarts will become:

kill -HUP `cat /path/to/var/z2.pid`

When a process is interrupted via ctrl-C or via a TERM signal
(INT, TERM), all open database connections and sockets will be closed
before the process dies. This will speed up restart time for sites
that use a FileStorage, as its index will be written to the filesystem
before shutdown.

Unspecified signals kill the process without doing cleanup.

- ZCatalog no longer has a hand in managing text index vocabularies.
The cruft associated with this functionality has been exorcised.
No default indexes or metadata elements are defined for you when
you create a new ZCatalog. Since we now have many new kinds of
plug-in indexes, it no longer made sense to do this.

- A new permission "Copy or Move" was added. This permission
may be set on an object to prevent that object
from being copied or moved within the management
interface. Under the "old" behavior, users who
possessed the "View management screens" permission on an object's
container could copy or move the object arbitrarily, even if they
had limited access to the object itself. Once the object was
moved or copied, the user became the owner of the new object,
allowing them to see potentially sensitive information in
the management interface for the object itself. This permission
is granted to Manager and Anonymous by default, and must be
revoked on an object-by-object basis if site managers intend
to provide management screen access to folders which contain
sensitive subobjects. This patch came as a result of
Collector #376 (thanks to Chris Deckard).

- Structured Text's "DocumentWithImages" class did not recognize
image filenames with underscores.

- The getElementsByTagName method of STDOM (used by Structured Text)
would croak on most documents, especially those containing
unwrapped text nodes. Fixed.

- FileUpload objects now evaluate false when they have an empty file
name, making it easier to check for omitted file upload form fields.

- ZClasses now use a python script as their constructor method
instead of a DTML method. Also, ZClasses inherit from
CatalogPathAwareness now instead of CatalogAwareness.

- added browser_default hook to ZPublisher. This allows objects to
specify the path to the default method that the publisher calls
when the object is published. The default for objects not defining
browser_default is still 'index_html' for backward compatibility.
A ZMI configurable browser_default implementation has been added
to ObjectManager. You can configure browser_default for OMs via
a new "settings" management tab.

- added TopicIndexes: a TopicIndex is a container for
so-called FilteredSets. A FilteredSet consists of an
expression and a set of internal ZCatalog document
identifiers that represent a pre-calculated result list for
performance reasons. Instead of executing the same query on
a ZCatalog multiple times it is much faster to use a
TopicIndex instead.

- requestprofiler: added new --daysago option and added
support for reading gzipped detailed logfiles

- DateTime: new functions JulianDay() and week()
to perform calculation of the week number based on the
Julian calendar.

- WebDAV: the new environment variable WEBDAV_SOURCE_PORT_CLIENTS
enables retrieval of the document source for dedicated WebDAV
clients (see ENVIRONMENT.txt for usage)

- Collector #272: Optimizations for RESPONSE.write

- Collector #271: New environment variables are now used
to send the access log into syslog. ZSYSLOG_ACCESS,
ZSYSLOG_ACCESS_FACILITY, and SYSLOG_ACCESS_SERVER now
do the same job as the old environment variables without
_ACCESS in their name. Those old environment variables
still do the same job of sending the event log to syslog.

- When run as a daemon on Unix, Zope will now redirect
stdin/stdout/stderr to /dev/null

- Nicer formatting for the increasingly tall permissions
table.

- TextIndex: Enhanced splitter functionality now allows the
TextIndex to index numbers and single characters. It is also
possible to enable case-sensitive indexing. The new
configuration options are available through the addForm
of the Vocabulary object.

- ICP server support. For more information see
http://www.zope.org/Members/htrd/icp/intro

- STXNG: added new env. variable STX_DEFAULT_LEVEL to change
the default level for <Hx> elements (see doc/ENVIRONMENT.txt)

- Collector #304: several catalog optimisations

- New implementation of ZODB object cache. The new
implementation is more likely to keep the size of the object
cache close to the target size. This change means that memory
consumption may be reduced. Some users will need to increase
the default cache size, because a too small setting is more
likely to hurt performance than it did in the past.

Third-party C extensions that use the persistence API must be
recompiled, and may need to be updated to work correctly with
the new cache; see PER_GHOSTIFY().

- The ZODB Connection is now responsible for registering changed
objects with the current transaction.

- Implementation of RestrictedCreation fishbowl proposal;
Product registration can now include a function used to
determine whether that product constructor wants to allow
objects to be created in the specified container object.

- Collector 196: manage_page_style.css is now cacheable.
Added freshness information to ImageFile, to improve
cacheability of management interface

- Collector 358: added a new parameter no_push_item to
dtml-in, to inhibit automatically pushing sequence-item
onto the namespace stack.

- STXNG: Structured Text now supports images by default
by using the HTMLWithImages class (has been disabled prior
to Zope 2.6)

- new option --force-http-connection-close for z2.py to prevent
clients from maintaining pipelined connections to the Zope server
(Collector #412)

- Updated the Interface package to be compatible with Zope 3
Interfaces. This included changing some interface APIs that
may affect existing products.

- Added a database activity monitoring graph to the control panel,
making it easier to tune the ZODB cache size.

Bugs Fixed

- External methods didn't properly setup func_defaults and func_code
when they were first loaded. This meant mapply couldn't properly map
arguments on the first try.

- Fixed bug #96: Narrower/Wider buttons now work on both CSS and non-CSS
compliant browsers. This allows better control for browsers that have a
hard time knowing what 100% means.

- Fix for Collector #319: filtered_manage_options didn't
correctly filter tabs based on permission.

- Made repr of an HTTPRequest.record eval'able as a dict (Collector
#89).

- Fixed bug #144: Upload button on dtml, py scripts, images, files and
pts now raises an error if the file is not specified rather than
clearing the source.

- Fixed bug #275: setPermissionDefault didn't actually set the
right permission -> role mappings.

- Fixed bug reported on maillist during EWOULDBLOCK when using FTP server
(http://lists.zope.org/pipermail/zope/2002-March/111521.html).

- App/FindHomes.py now computes the "real" path for SOFTWARE_HOME and
INSTANCE_HOME, resolving any symlinks in any element within paths
passed in via the INSTANCE_HOME or SOFTWARE_HOME envvars. Paths that
are computed by "dead reckoning" from os.getcwd and module paths are
also "realpathed". So for instance, if you use '/home/chrism/Instance'
as your INSTANCE_HOME, and '/home/chrism' is a symlink to
'/other/home/chrism', your INSTANCE_HOME will be computed as
'/other/home/chrism/Instance'. This is necessary to avoid
weirdnesses while using "dead reckoning" from INSTANCE_HOME and
SOFTWARE_HOME in other parts of the code. POSIX systems only.

- Fixed PropertyManager/PropertySheets so that you can safely add a
property named 'ids' without breaking your properties page.

- Removed spurious 'self' from scarecrow interfaces; updated
method-generation in Interface package to ignore self when
source is a method (rather than a function).

- Collector #32: Use difflib instead of ndiff

- Fixed long standing bug in PythonScript where get_size returned
the incorrect length. This broke editing using EMACS via FTP or
WebDAV. Thanks to John Glavin at South River Technologies for
help finding the bug.

- Collector #207: fixed problem with inner links in STXNG

- Collector #210: HTML() function of StructuredText produced wrong
<h0> tags.

- Collector #166: ObjectManager.all_meta_types() implemented only
an incomplete filter based on interfaces.

- FTP: Downloading files through FTP has been broken since 2.4.0
because the downloaded file has been stored with an HTTP
header at the beginning of the file. Fixed!

- FTP: Spaces in usernames inside a FTP file listing are now
replaced by underscores to avoid confusion with some FTP clients.

- Collector #227: improved handling of unicode string in TextIndex.py
with unmodified default encoding in site.py.

- Collector #227: z2.py, TextIndex/dtml/manage_vocab.dtml modified
to display unicode strings in the vocabulary properly (now using
UTF-8 encoding for display purposes)

- Collector #250: applied several patches for TextIndex for better
unicode support for the GlobbingLexicon

- Collector #254: return owner object from getOwner wrapped in its
context

- Collector #259: walkandscrub.py did not delete all .pyc and .pyo
files during installation. Fixed.

- Collector #231: BTrees ignoring errors from comparison function

- Collector #278: DocumentWithImages could not handle URLs with
underscores

- Collector #279: changed exception handling for safegmtime() to
provide a more intuitive traceback for operating systems with a
limited gmtime() implementation

- Collector #285: Zope changes its working directory
to the var directory at startup

- WebDAV: removing a non-existing property now returns an HTTP
200-OK response instead of 404 (now compliant with RFC 2518)

- Fixed a bug in TM.py that would cause database adapters to hang
on errors in the second phase of the two-phase commit.

- Collector #291: ZCatalog not unindexing deleted properties

- Collector #266: Retried requests losing track of http request
headers, causing Connection:Close requests to stall

- Collector #17: Fixed broken links in StandardCacheManagers help

- Collector #1: UNIX security fixes: make starting Zope as 'root'
secure, stop using 'nobody', warn of insecure umasks

- Collector #303: Properties of type 'long' got truncated

- Collector #325: adding a new TextIndex to an existing Catalog
cleared the standard Vocabulary.

- Collector #373: The content_type property of Image objects
is no longer deletable, to prevent malfunction.

- Collector #343: The ZCatalog's 'Indexes' view showed the
wrong number of indexed objects for FieldIndexes.

- FTP server: replaced 'System_Process' by 'Sysproc' to
avoid breaking some FTP clients and the output format
with overlong usernames.

- Fixed a potential bug with cAccessControl's permission
role deallocator which would try to decref things which
may not have been set, due to a change in the initializer
(which will bail out if it doesn't get called with a tuple
argument)

- Collector #185, 341: PCGIServer and FCGIServer logs corrected
and now output extended information like HTTPServer does.

- Propertysheets: Ids like 'values' and 'items' are
now forbidden as they break WebDAV functionality. Existing
Propertysheets are not affected

- Collector #348: decapitate() now recognizes both \r\n and \n\n
to be compliant with the HTTP RFC

- Collector #386: workaround for hanging FTP connections
with NcFTP

- Collector #419: repaired off-by-1 errors and IndexErrors
when slicing BTree-based data structures. For example,
an_IIBTree.items()[0:0] had length 1 (should be empty) if
the tree wasn't empty.