diff --git a/product/ZSQLCatalog/ZSQLCatalog.py b/product/ZSQLCatalog/ZSQLCatalog.py
index 93508f396c244adbfcabf994675dbfef4c8580ff..cb546475699f488b51fb455a506d4c3cbfa48cd4 100644
--- a/product/ZSQLCatalog/ZSQLCatalog.py
+++ b/product/ZSQLCatalog/ZSQLCatalog.py
@@ -964,14 +964,16 @@ class ZCatalog(Folder, Persistent, Implicit):
     return obj_list
 
   def getMetadataForUid(self, rid, sql_catalog_id=None):
-    """return the correct metadata for the cataloged uid"""
+    # !!! do not use docstring here (CVE-2011-0720).
+    # return the correct metadata for the cataloged uid
     catalog = self.getSQLCatalog(sql_catalog_id)
     if catalog is not None:
       return catalog.getMetadataForUid(int(rid))
     return {}
 
   def getIndexDataForUid(self, rid, sql_catalog_id=None):
-    """return the current index contents for the specific uid"""
+    # !!! do not use docstring here (CVE-2011-0720).
+    # return the current index contents for the specific uid
     catalog = self.getSQLCatalog(sql_catalog_id)
     if catalog is not None:
       return catalog.getIndexDataForUid(rid)
@@ -1218,12 +1220,11 @@ class ZCatalog(Folder, Persistent, Implicit):
       pass
 
   def resolve_path(self, path):
-    """
-    Attempt to resolve a url into an object in the Zope
-    namespace. The url may be absolute or a catalog path
-    style url. If no object is found, None is returned.
-    No exceptions are raised.
-    """
+    # !!! do not use docstring here (CVE-2011-0720).
+    # Attempt to resolve a url into an object in the Zope
+    # namespace. The url may be absolute or a catalog path
+    # style url. If no object is found, None is returned.
+    # No exceptions are raised.
     try: 
       return self.unrestrictedTraverse(path)
     except ConflictError: