r2545 - in zope2.12/trunk/debian/patches (1 file)
mejo at users.alioth.debian.org
mejo at users.alioth.debian.org
Fri Oct 28 11:33:19 UTC 2011
Date: Friday, October 28, 2011 @ 11:33:18
Author: mejo
Revision: 2545
update Zope2-fix_serious_authentication_vulnerability.patch
Modified:
zope2.12/trunk/debian/patches/Zope2-fix_serious_authentication_vulnerability.patch
Modified: zope2.12/trunk/debian/patches/Zope2-fix_serious_authentication_vulnerability.patch
===================================================================
--- zope2.12/trunk/debian/patches/Zope2-fix_serious_authentication_vulnerability.patch 2011-10-27 12:06:18 UTC (rev 2544)
+++ zope2.12/trunk/debian/patches/Zope2-fix_serious_authentication_vulnerability.patch 2011-10-28 11:33:18 UTC (rev 2545)
@@ -2,6 +2,16 @@
Author: Zope Foundation and Contributors <zope-dev at zope.org>
Last-Update: 2011-10-24
+--- a/source/doc/CHANGES.rst
++++ b/source/doc/CHANGES.rst
+@@ -8,6 +8,7 @@
+ 2.12.21 (unreleased)
+ --------------------
+
++- Fixed serious authentication vulnerability in stock configuration.
+
+ 2.12.20 (2011-10-04)
+ --------------------
--- a/source/Zope2/src/AccessControl/User.py
+++ b/source/Zope2/src/AccessControl/User.py
@@ -1027,6 +1027,8 @@
@@ -13,3 +23,43 @@
class UserFolder(BasicUserFolder):
+--- a/source/Zope2/src/AccessControl/tests/testUser.py
++++ b/source/Zope2/src/AccessControl/tests/testUser.py
+@@ -227,7 +227,15 @@
+ # TODO class Test_readUserAccessFile(unittest.TestCase)
+
+
+-# TODO class BasicUserFoldertests(unittest.TestCase)
++class BasicUserFolderTests(unittest.TestCase):
++
++ def _getTargetClass(self):
++ from AccessControl.User import BasicUserFolder
++ return BasicUserFolder
++
++ def test_manage_users_security_initialized(self):
++ uf = self._getTargetClass()()
++ self.assertTrue(hasattr(uf, 'manage_users__roles__'))
+
+
+ class UserFolderTests(unittest.TestCase):
+@@ -494,11 +502,12 @@
+
+
+ def test_suite():
+- suite = unittest.TestSuite()
+- suite.addTest(unittest.makeSuite(BasicUserTests))
+- suite.addTest(unittest.makeSuite(SimpleUserTests))
+- suite.addTest(unittest.makeSuite(SpecialUserTests))
+- suite.addTest(unittest.makeSuite(UnrestrictedUserTests))
+- suite.addTest(unittest.makeSuite(NullUnrestrictedUserTests))
+- suite.addTest(unittest.makeSuite(UserFolderTests))
+- return suite
++ return unittest.TestSuite((
++ unittest.makeSuite(BasicUserTests),
++ unittest.makeSuite(SimpleUserTests),
++ unittest.makeSuite(SpecialUserTests),
++ unittest.makeSuite(UnrestrictedUserTests),
++ unittest.makeSuite(NullUnrestrictedUserTests),
++ unittest.makeSuite(BasicUserFolderTests),
++ unittest.makeSuite(UserFolderTests),
++ ))
More information about the pkg-zope-developers
mailing list