> If installed on 2.1.6, the product shows up as broken, since it
> tries to run
> "from OFS.ObjectManager import aq_base", which fails, since aq_base wasn't
> available in ObjectManager before 2.2.1 (!).
>
> Therefore I guess the Hotfix won't work for any versions prior to 2.2.1.
> According to the README, those versions are still vulnerable.
>
>
> Could somebody give me a hint if and how it's possible to backport the
> Hotfix to Zope 2.1.6 ?
You could add this to the hotfix module:
def aq_base(object):
return getattr(object, 'aq_base', object)
...and use that instead of importing it.
Brian Lloyd [EMAIL PROTECTED]
Software Engineer 540.371.6909
Digital Creations http://www.digicool.com
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )