head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.12 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.10 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.8 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.6 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.4 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.2 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.1.0.6 pkgsrc-2008Q3-base:1.1 cube-native-xorg:1.1.0.4 cube-native-xorg-base:1.1 pkgsrc-2008Q2:1.1.0.2; locks; strict; comment @# @; 1.2 date 2008.10.25.16.18.18; author taca; state dead; branches; next 1.1; 1.1 date 2008.08.17.15.12.32; author taca; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2008.08.17.15.12.32; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2008.08.20.10.05.24; author tron; state Exp; branches; next ; desc @@ 1.2 log @Update zope29 package to 2.9.10 (Zope 2.9.10). Zope 2.9.10 (2008/10/24) Bugs fixed * Ensure that response header values cannot embed CRLF pairs, which violate the HTTP spec (RFC 2616). * Launchpad #282677: fixed implementation of guarded_map and provided tests and implementation for guarded_zip (RestrictedPython). * AccessControl.ZopeGuards.guarded_import mapped some Unauthorized exceptions onto ImportErrors: don't do that! Also, removed mutable defaults from argument list, improved tests. * LP #281156: AccessControl.SecurityInfo.secureModule dropped ModuleSecurity for failed imports, obscuring later attempts to import the same broken module. * LP #142667: Updated to ZODB-3.6.4 to fix problem with product auto-refresh. * Launchpad #267545: DateTime(DateTime()) now preserves the correct hour * Launchpad #245649: the Products package is now a proper "namespace package" under the rules specified by setuptools. * Launchpad #239636: Ensure that HEAD requests lock an empty body for NotFound errors. * Launchpad #234209: De-tabify ZPublisher/HTTPRequest.py * integrated Hotfix-2008-08-12 @ text @$NetBSD: patch-ak,v 1.1 2008/08/17 15:12:32 taca Exp $ Patch #1 corresponding to security advisory 2008-08-12. --- lib/python/Products/PythonScripts/PythonScript.py.orig 2008-05-10 15:35:03.000000000 +0900 +++ lib/python/Products/PythonScripts/PythonScript.py @@@@ -323,7 +323,11 @@@@ class PythonScript(Script, Historical, C g['__file__'] = getattr(self, '_filepath', None) or self.get_filepath() f = new.function(fcode, g, None, fadefs) - result = f(*args, **kw) + try: + result = f(*args, **kw) + except SystemExit: + raise ValueError('SystemExit cannot be raised within a PythonScript') + if keyset is not None: # Store the result in the cache. self.ZCacheable_set(result, keywords=keyset) @ 1.1 log @Add some changes from Zope's svn repository which should fix Zope's security advisory 2008-08-12. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ak was added on branch pkgsrc-2008Q2 on 2008-08-20 10:05:24 +0000 @ text @d1 19 @ 1.1.2.2 log @Pullup ticket #2499 - requested by taca zope29: security patch Revisions pulled up: - www/zope29/Makefile 1.20 - www/zope29/distinfo 1.7 - www/zope29/patches/patch-ak 1.1 - www/zope29/patches/patch-al 1.1 --- Module Name: pkgsrc Committed By: taca Date: Sun Aug 17 15:12:32 UTC 2008 Modified Files: pkgsrc/www/zope29: Makefile distinfo Added Files: pkgsrc/www/zope29/patches: patch-ak patch-al Log Message: Add some changes from Zope's svn repository which should fix Zope's security advisory 2008-08-12. Bump PKGREVISION. @ text @a0 19 $NetBSD: patch-ak,v 1.1 2008/08/17 15:12:32 taca Exp $ Patch #1 corresponding to security advisory 2008-08-12. --- lib/python/Products/PythonScripts/PythonScript.py.orig 2008-05-10 15:35:03.000000000 +0900 +++ lib/python/Products/PythonScripts/PythonScript.py @@@@ -323,7 +323,11 @@@@ class PythonScript(Script, Historical, C g['__file__'] = getattr(self, '_filepath', None) or self.get_filepath() f = new.function(fcode, g, None, fadefs) - result = f(*args, **kw) + try: + result = f(*args, **kw) + except SystemExit: + raise ValueError('SystemExit cannot be raised within a PythonScript') + if keyset is not None: # Store the result in the cache. self.ZCacheable_set(result, keywords=keyset) @