r556 - in zope-cmfplone/trunk: . debian
Fabio Tranchitella
kobold at alioth.debian.org
Mon Dec 18 16:32:59 CET 2006
Author: kobold
Date: 2006-12-18 16:32:59 +0100 (Mon, 18 Dec 2006)
New Revision: 556
Modified:
zope-cmfplone/trunk/RegistrationTool.py
zope-cmfplone/trunk/debian/changelog
Log:
Changes for new debian release.
Modified: zope-cmfplone/trunk/RegistrationTool.py
===================================================================
--- zope-cmfplone/trunk/RegistrationTool.py 2006-11-30 21:54:55 UTC (rev 555)
+++ zope-cmfplone/trunk/RegistrationTool.py 2006-12-18 15:32:59 UTC (rev 556)
@@ -11,6 +11,9 @@
from Products.CMFPlone.PloneBaseTool import PloneBaseTool
from Products.CMFPlone.PloneTool import EMAIL_RE
+from Products.PluggableAuthService.interfaces.authservice \
+ import IPluggableAuthService
+
# - remove '1', 'l', and 'I' to avoid confusion
# - remove '0', 'O', and 'Q' to avoid confusion
# - remove vowels to avoid spelling words
@@ -92,6 +95,28 @@
return 0
return 1
+ def isMemberIdAllowed(self, id):
+ if len(id) < 1 or id == 'Anonymous User':
+ return 0
+ if not self._ALLOWED_MEMBER_ID_PATTERN.match( id ):
+ return 0
+
+ pas = getToolByName(self, 'acl_users')
+ if IPluggableAuthService.providedBy(pas):
+ results = pas.searchPrincipals(id=id)
+ if results:
+ return 0
+ else:
+ membership = getToolByName(self, 'portal_membership')
+ if membership.getMemberById(id) is not None:
+ return 0
+ groups = getToolByName(self, 'portal_groups')
+ if groups.getGroupById(id) is not None:
+ return 0
+
+ return 1
+
+
security.declarePublic( 'testPropertiesValidity' )
def testPropertiesValidity(self, props, member=None):
Modified: zope-cmfplone/trunk/debian/changelog
===================================================================
--- zope-cmfplone/trunk/debian/changelog 2006-11-30 21:54:55 UTC (rev 555)
+++ zope-cmfplone/trunk/debian/changelog 2006-12-18 15:32:59 UTC (rev 556)
@@ -1,3 +1,11 @@
+zope-cmfplone (2.5.1-3) unstable; urgency=high
+
+ * Security issue CVE 2006-4249, applied upstream patch:
+ http://plone.org/about/security/advisories/cve-2006-4249
+ (Closes: #401796)
+
+ -- Fabio Tranchitella <kobold at debian.org> Mon, 18 Dec 2006 16:29:07 +0100
+
zope-cmfplone (2.5.1-2) unstable; urgency=medium
* Depend on zope-debhelper (>= 0.3.3) to fix a bashism in the generated
More information about the pkg-zope-commits
mailing list