Skip to content

Commit

Permalink
Zope 4.8.6 fixes regressions on the security fix.
Browse files Browse the repository at this point in the history
  • Loading branch information
mauritsvanrees committed Dec 19, 2022
1 parent 73ce10b commit bbf41ca
Show file tree
Hide file tree
Showing 4 changed files with 57 additions and 54 deletions.
4 changes: 2 additions & 2 deletions release/RELEASE-NOTES.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Release notes for Plone 5.2.10.1

* Released: Friday December 16, 2022
* Released: Monday December 19, 2022
* Check the [release schedule](https://plone.org/download/release-schedule).
* Read the [upgrade guide](https://5.docs.plone.org/manage/upgrading/version_specific_migration/upgrade_to_52.html), explaining the biggest changes compared to 5.1.
* Canonical place for these [release notes](https://dist.plone.org/release/5.2.10.1/RELEASE-NOTES.md) and the full [packages changelog](https://dist.plone.org/release/5.2.10.1/changelog.txt).
Expand All @@ -15,7 +15,7 @@ For technical wizards who want to jump straight in, here are two important links

Major changes since 5.2.10:

* Zope: Security fix for a Cross Site Scripting vulnerability. See [announcement](https://community.plone.org/t/zope-4-8-4-and-5-7-1-released/15992).
* Zope: Security fix for a Cross Site Scripting vulnerability. See [announcement](https://community.plone.org/t/zope-4-8-4-and-5-7-1-released/15992). The security fix is in Zope 4.8.4, but there were a few regressions, so we use 4.8.6.
* plone.protect: fix test that failed after the security fix.


Expand Down
2 changes: 1 addition & 1 deletion release/changelog.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Zope: 4.8.3 → 4.8.4
Zope: 4.8.3 → 4.8.6
-------------------

Security fix for a Cross Site Scripting vulnerability.
Expand Down
103 changes: 53 additions & 50 deletions release/constraints.txt
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
AccessControl==4.3
Acquisition==4.10
Acquisition==4.13
AuthEncoding==4.3
BTrees==4.10.1
BTrees==4.11.3
Babel==2.9.1; python_version < "3.0"
Babel==2.10.3; python_version >= "3.0"
Babel==2.11.0; python_version >= "3.0"
Chameleon==3.9.1; python_version < "3.0"
Chameleon==3.10.1; python_version >= "3.0"
DateTime==4.4
DateTime==4.8
Deprecated==1.2.13
DocumentTemplate==3.4; python_version < "3.0"
DocumentTemplate==4; python_version >= "3.0"
ExtensionClass==4.6
DocumentTemplate==4.1; python_version >= "3.0"
ExtensionClass==4.9
FormEncode==1.3.1; python_version < "3.0"
FormEncode==2.0.1; python_version >= "3.0"
Genshi==0.7.7
Expand All @@ -19,15 +19,16 @@ Jinja2==2.11.3; python_version < "3.0"
Jinja2==3.1.2; python_version >= "3.0"
MarkupSafe==1.1.1; python_version < "3.0"
MarkupSafe==2.1.1; python_version >= "3.0"
Missing==4.1
Missing==4.2
MultiMapping==4.1
Paste==3.5.2
PasteDeploy==2.1.1
Persistence==3.3
PasteDeploy==2.1.1; python_version < "3.0"
PasteDeploy==3.0.1; python_version >= "3.0"
Persistence==3.6
Plone==5.2.10
Products.ATContentTypes==3.0.7; python_version < "3.0"
Products.Archetypes==1.16.6; python_version < "3.0"
Products.BTreeFolder2==4.3
Products.BTreeFolder2==4.4
Products.CMFCore==2.6.0
Products.CMFDiffTool==3.3.3
Products.CMFDynamicViewFTI==6.0.3
Expand Down Expand Up @@ -73,8 +74,8 @@ PyGithub==1.45; python_version < "3.0"
PyGithub==1.47; python_version >= "3.0"
PyYAML==5.3.1
Pygments==2.5.2; python_version < "3.0"
Pygments==2.12.0; python_version >= "3.0"
Record==3.5
Pygments==2.13.0; python_version >= "3.0"
Record==3.6
RestrictedPython==5.2
SecretStorage==2.3.1; python_version < "3.0"
SecretStorage==3.1.2; python_version >= "3.0"
Expand All @@ -84,12 +85,12 @@ WSGIProxy2==0.5.1; python_version >= "3.0"
WebOb==1.8.7
WebTest==2.0.35; python_version < "3.0"
WebTest==3.0.0; python_version >= "3.0"
ZConfig==3.6.0
ZConfig==3.6.1
ZEO==5.3.0
ZODB==5.7.0
ZODB==5.8.0
ZODB3==3.11.0
ZServer==4.0.2; python_version < "3.0"
Zope==4.8.4
Zope==4.8.6
Zope2==4.0
ZopeUndo==4.3
alabaster==0.7.12
Expand All @@ -116,9 +117,10 @@ cachecontrol==0.12.11; python_version >= "3.0"
cached-property==1.5.2
calmjs.parse==1.2.5
certifi==2020.4.5.1; python_version < "3.0"
certifi==2021.10.8; python_version >= "3.0"
certifi==2022.12.7; python_version >= "3.0"
cffi==1.15.1
chardet==4.0.0
chardet==4.0.0; python_version < "3.0"
chardet==5.1.0; python_version >= "3.0"
check-manifest==0.41; python_version < "3.0"
check-manifest==0.45; python_version >= "3.0"
click==7.1.2
Expand Down Expand Up @@ -157,7 +159,7 @@ filelock==3.8.0; python_version >= "3.0"
five.customerize==2.1.0
five.globalrequest==99.1
five.intid==1.2.6
five.localsitemanager==3.3
five.localsitemanager==3.4
freezegun==0.3.15
funcsigs==1.0.2
functools32==3.2.3.post2; python_version < "3.0"
Expand All @@ -170,8 +172,8 @@ httplib2==0.18.1
i18ndude==5.5.0
icalendar==4.1.0
idna==2.10; python_version < "3.0"
idna==3.3; python_version >= "3.0"
imagesize==1.3.0
idna==3.4; python_version >= "3.0"
imagesize==1.4.1
importlib-metadata==0.23
importlib-resources==3.3.1
incremental==17.5.0
Expand Down Expand Up @@ -204,14 +206,14 @@ oauthlib==3.1.1; python_version >= "3.0"
olefile==0.46
ordereddict==1.1
packaging==20.9; python_version < "3.0"
packaging==21.3; python_version >= "3.0"
packaging==22.0; python_version >= "3.0"
pathlib==1.0.1
pathlib2==2.3.7.post1
pathtools==0.1.2
pbr==5.11.0
pdbpp==0.10.3
pep517==0.9.1
persistent==4.9.1
persistent==4.9.3
piexif==1.1.3
pillow==6.2.2
pip==20.3.4; python_version < "3.0"
Expand Down Expand Up @@ -345,11 +347,12 @@ pyrsistent==0.15.7
pyscss==1.3.7
python-dateutil==2.8.2
python-dotenv==0.15.0
python-gettext==4.0
pytz==2022.1
python-gettext==4.1
pytz==2022.6
readme-renderer==28.0
repoze.xmliter==0.6.1
requests==2.27.1
requests==2.27.1; python_version < "3.0"
requests==2.28.1; python_version >= "3.0"
requests-toolbelt==0.9.1
robotframework==3.1.2
robotframework-debuglibrary==1.2.1
Expand All @@ -373,7 +376,7 @@ snowballstemmer==2.2.0
soupsieve==1.9.6; python_version < "3.0"
soupsieve==2.3.2.post1; python_version >= "3.0"
sourcecodegen==0.6.14; python_version < "3.0"
sphinx-rtd-theme==1.0.0
sphinx-rtd-theme==1.1.1
stdlib-list==0.6.0
tempstorage==5.2
testresources==2.0.1
Expand All @@ -387,7 +390,7 @@ twine==1.15.0; python_version < "3.0"
twine==3.1.1; python_version >= "3.0"
typing==3.10.0.0; python_version < "3.0"
unidecode==0.04.1
urllib3==1.26.12
urllib3==1.26.13
virtualenv==20.14.1
wadllib==1.3.6
waitress==1.4.4; python_version < "3.0"
Expand Down Expand Up @@ -424,28 +427,28 @@ zc.recipe.testrunner==2.2
zc.relation==1.1.post2
zc.relationship==2.0.post1
zc.sourcefactory==1.1
zdaemon==4.3
zdaemon==4.4
zest.pocompile==1.5.0
zest.releaser==6.22.2
zestreleaser.towncrier==1.2.0
zipp==1.1.1
zodbpickle==2.3
zodbpickle==2.6
zodbupdate==1.5
zodbverify==1.2.0
zope.annotation==4.7.0
zope.annotation==4.8
zope.app.intid==3.7.1
zope.app.locales==4.1
zope.browser==2.4
zope.browsermenu==4.4
zope.browserpage==4.4.0
zope.browserresource==4.4
zope.cachedescriptors==4.3.1
zope.cachedescriptors==4.4
zope.component==4.6.2
zope.componentvocabulary==2.3.0
zope.configuration==4.4.1
zope.container==4.5.0
zope.container==4.10
zope.contentprovider==4.2.1
zope.contenttype==4.5.0
zope.contenttype==4.6
zope.copy==4.2
zope.copypastemove==4.1.0
zope.datetime==4.3.0
Expand All @@ -454,42 +457,42 @@ zope.deprecation==4.4.0
zope.dottedname==4.3; python_version < "3.0"
zope.dottedname==5.0; python_version >= "3.0"
zope.dublincore==4.2.0
zope.event==4.5.0
zope.exceptions==4.5
zope.event==4.6
zope.exceptions==4.6
zope.filerepresentation==5.0.0
zope.formlib==5.0.1
zope.globalrequest==1.5
zope.hookable==5.1.0
zope.globalrequest==1.6
zope.hookable==5.4
zope.i18n==4.9.0
zope.i18nmessageid==5.0.1
zope.interface==5.4.0
zope.i18nmessageid==5.1.1
zope.interface==5.5.2
zope.intid==4.3.0
zope.keyreference==4.2.0
zope.lifecycleevent==4.4
zope.location==4.2
zope.location==4.3
zope.mkzeoinstance==4.1
zope.pagetemplate==4.6.0
zope.password==4.3.1
zope.processlifetime==2.3.0
zope.proxy==4.5.1
zope.processlifetime==2.4
zope.proxy==4.6.1
zope.ptresource==4.3.0
zope.publisher==6.1.0
zope.ramcache==2.4
zope.schema==6.2.1
zope.security==5.3
zope.sendmail==5.2
zope.security==5.8
zope.sendmail==5.3
zope.sequencesort==4.2
zope.site==4.5.0
zope.size==4.3
zope.site==4.6.1
zope.size==4.4
zope.structuredtext==4.4
zope.tal==4.5
zope.tales==5.1
zope.tales==5.2
zope.testbrowser==5.6.1
zope.testing==4.10
zope.testrunner==5.4.0
zope.testrunner==5.6
zope.traversing==4.4.1
zope.viewlet==4.3
charset-normalizer==2.0.12; python_version >= "3.0"
charset-normalizer==2.1.1; python_version >= "3.0"
jeepney==0.4.3; python_version >= "3.0"
sgmllib3k==1.0.0; python_version >= "3.0"
sphinxcontrib-applehelp==1.0.2; python_version >= "3.0"
Expand All @@ -499,4 +502,4 @@ sphinxcontrib-jsmath==1.0.1; python_version >= "3.0"
sphinxcontrib-qthelp==1.0.3; python_version >= "3.0"
sphinxcontrib-serializinghtml==1.1.5; python_version >= "3.0"
sphinxcontrib-websupport==1.2.4; python_version >= "3.0"
typing-extensions==4.1.1; python_version >= "3.0"
typing-extensions==4.4.0; python_version >= "3.0"
2 changes: 1 addition & 1 deletion versions.cfg
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
# Based on latest development Zope:
# extends = https://raw.githubusercontent.com/zopefoundation/Zope/4.x/versions.cfg
# Based on released Zope:
extends = https://zopefoundation.github.io/Zope/releases/4.8.4/versions.cfg
extends = https://zopefoundation.github.io/Zope/releases/4.8.6/versions.cfg

[versions]
##############################################################################
Expand Down

0 comments on commit bbf41ca

Please sign in to comment.