You are not logged in Log in Join
You are here: Home » Download Zope Products » Zope » Hotfix_2004-07-14 » Hotfix 2004-07-14 Alert

Log in



Hotfix 2004-07-14 Alert

This hotfix corrects a security problem observerd in Zope 2.7.0 and 2.7.1.


This hotfix product fixes a security bug in Page Templates. This fix ensures that values substituted in named slots in translated elements are properly encoded. If encoding is not desired and the source of the replacement text is trusted, the "structure" modifier can be used with the tal:content or tal:replace attribute to explicitly disable encoding.

Affected Versions

This fix applies to Zope 2.7.0 and 2.7.1. Zope versions 2.7.2 and newer already contain this fix, and do not require this hotfix.

This fix also obsoletes Hotfix_20040713, so that should be uninstalled when this hotfix is installed. See the README.txt file provided with Hotfix_20040713 for instructions on removing that hotfix.

Getting the Hotfix

This hotfix product can be downloaded from: 2.7.0 - 2.7.1/.