r1029 - in /zope-cmfplone/trunk: debian/changelog statusmessages.py

kobold at users.alioth.debian.org kobold at users.alioth.debian.org
Mon Nov 19 19:23:47 UTC 2007 

Author: kobold
Date: Mon Nov 19 19:23:47 2007
New Revision: 1029

URL: http://svn.debian.org/wsvn/pkg-zope/?sc=1&rev=1029
Log:
New release.

Modified:
    zope-cmfplone/trunk/debian/changelog
    zope-cmfplone/trunk/statusmessages.py

Modified: zope-cmfplone/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-zope/zope-cmfplone/trunk/debian/changelog?rev=1029&op=diff
==============================================================================
--- zope-cmfplone/trunk/debian/changelog (original)
+++ zope-cmfplone/trunk/debian/changelog Mon Nov 19 19:23:47 2007
@@ -1,3 +1,10 @@
+zope-cmfplone (2.5.2-3) unstable; urgency=high
+
+  * Updated hotfix for Plone CVE 2007-5741:
+    http://plone.org/products/plone-hotfix/releases/20071106-2
+
+ -- Fabio Tranchitella <kobold at debian.org>  Mon, 19 Nov 2007 20:22:23 +0100
+
 zope-cmfplone (2.5.2-2) unstable; urgency=high
 
   * statusmessage.py, __init__.py: applied fix for CVE-2007-5741:

Modified: zope-cmfplone/trunk/statusmessages.py
URL: http://svn.debian.org/wsvn/pkg-zope/zope-cmfplone/trunk/statusmessages.py?rev=1029&op=diff
==============================================================================
--- zope-cmfplone/trunk/statusmessages.py (original)
+++ zope-cmfplone/trunk/statusmessages.py Mon Nov 19 19:23:47 2007
@@ -1,8 +1,10 @@
-from base64 import encodestring, decodestring
 import binascii
+import logging
 import struct
+import sys
 
 from Products.statusmessages.message import Message
+from Products.statusmessages.adapter import logger
 
 def _encodeCookieValue(text, type, old=None):
     """Encodes text and type to a list of Messages. If there is already some old
@@ -18,7 +20,7 @@
         results.append(message)
 
     messages = ''.join([r.encode() for r in results])
-    return encodestring(messages).rstrip()
+    return binascii.b2a_base64(messages).rstrip()
 
 def _decodeCookieValue(string):
     """Decode a cookie value to a list of Messages.
@@ -29,7 +31,7 @@
         return results
     # Try to decode the cookie value
     try:
-        value = decodestring(string)
+        value = binascii.a2b_base64(string)
         while len(value) > 1: # at least 2 bytes of data
             message, value = decode(value)
             if message is not None:
@@ -111,6 +113,8 @@
             aq_context = parents is not None and parents[0] or None
             text = gts.translate(None, text, context=aq_context)
             original(self, text, type)
+        
+        adapter.StatusMessage.addStatusMessage = addStatusMessage
 
         def __eq__(self, other):
              if not isinstance(other, Message):

More information about the pkg-zope-commits mailing list