1. 01 Sep, 2009 3 commits
    • Jim Fulton's avatar
      Bugs Fixed · ca039f3a
      Jim Fulton authored
      ----------
      
      - The helper function ZODB.blob.is_blob_record didn't handle having
        None passed to it, but database "delete" records have None for their
        data.
      ca039f3a
    • Jim Fulton's avatar
      Bugs Fixed · 5b314940
      Jim Fulton authored
      - CVE-2009-2701: Fixed a vulnerability in ZEO storage servers when
        blobs are available. Someone with write access to a ZEO server
        configured to support blobs could read any file on the system
        readable by the server process and remove any file removable by the
        server process.
      5b314940
    • Benji York's avatar
      fix typos · 3949f683
      Benji York authored
      3949f683
  2. 28 Aug, 2009 1 commit
  3. 27 Aug, 2009 3 commits
  4. 26 Aug, 2009 7 commits
  5. 25 Aug, 2009 2 commits
  6. 24 Aug, 2009 7 commits
  7. 23 Aug, 2009 4 commits
  8. 22 Aug, 2009 3 commits
  9. 20 Aug, 2009 2 commits
  10. 13 Aug, 2009 2 commits
    • Jim Fulton's avatar
      Bugs Fixed: · 7e848419
      Jim Fulton authored
      - Fixed vulnerabilities in the ZEO network protocol that allow:
      
      CVE-2009-0668 Arbitrary Python code execution in ZODB ZEO storage servers
        CVE-2009-0669 Authentication bypass in ZODB ZEO storage servers
      
      - Limit the number of object ids that can be allocated at once to
        avoid running out of memory.
      7e848419
    • Jim Fulton's avatar
      Cleaned up imports. · 5a1a274a
      Jim Fulton authored
      5a1a274a
  11. 02 Aug, 2009 1 commit
  12. 30 Jul, 2009 3 commits
  13. 28 Jul, 2009 2 commits