Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Z
ZODB
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kirill Smelkov
ZODB
Commits
079d9322
Commit
079d9322
authored
Sep 08, 2009
by
Jim Fulton
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Consolidated changes for final release.
parent
cb143ca3
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
89 additions
and
153 deletions
+89
-153
src/CHANGES.txt
src/CHANGES.txt
+89
-153
No files found.
src/CHANGES.txt
View file @
079d9322
...
@@ -2,159 +2,8 @@
...
@@ -2,159 +2,8 @@
Change History
Change History
================
================
3.9.0c3 (2009-09-02)
3.9.0 (2009-09-08)
====================
==================
Bugs Fixed
----------
- The helper function ZODB.blob.is_blob_record didn't handle having
None passed to it, but database "delete" records have None for their
data.
3.9.0c2 (2009-09-01)
====================
Bugs Fixed
----------
- CVE-2009-2701: Fixed a vulnerability in ZEO storage servers when
blobs are available. Someone with write access to a ZEO server
configured to support blobs could read any file on the system
readable by the server process and remove any file removable by the
server process.
- BTrees (and TreeSets) kept references to internal keys.
https://bugs.launchpad.net/zope3/+bug/294788
- BTree Sets and TreeSets don't support the standard set add method.
(Now either add or the original insert method can be used to add an
object to a BTree-based set.)
3.9.0c1 (2009-08-26)
====================
Bugs Fixed
----------
- The runzeo script didn't work without a configuration file.
(https://bugs.launchpad.net/zodb/+bug/410571)
- Officially deprecated PersistentDict
(https://bugs.launchpad.net/zodb/+bug/400775)
- Small optimization of packing file storages with blobs.
- Calling __setstate__ on a persistent object could under certain
uncommon cause the process to crash.
- When committing transactions involving blobs to ClientStorages with
non-shared blob directories, a failure could occur in tpc_finish if
there was insufficient disk space to copy the blob file or if the
file wasn't available. https://bugs.launchpad.net/zodb/+bug/224169
- Savepoint blob data wasn't properly isolated. If multiple
simultaneous savepoints in separate transactions modified the same
blob, data from one savepoint would overwrite data for another.
- Savepoint blob data wasn't cleaned up after a transaction abort.
https://bugs.launchpad.net/zodb/+bug/323067
- Opening a blob with modes 'r+' or 'a' would fail when the blob had no
committed changes.
- PersistentList's sort method did not allow passing of keyword parameters.
Changed its sort parameter list to match that of its (Python 2.4+)
UserList base class.
- Certain ZEO server errors could cause a client to get into a state
where it couldn't commit transactions.
https://bugs.launchpad.net/zodb/+bug/374737
3.9.0b5 (2009-08-06)
====================
Bugs Fixed
----------
- Fixed vulnerabilities in the ZEO network protocol that allow:
- CVE-2009-0668 Arbitrary Python code execution in ZODB ZEO storage servers
- CVE-2009-0669 Authentication bypass in ZODB ZEO storage servers
The vulnerabilities only apply if you are using ZEO to share a
database among multiple applications or application instances and if
untrusted clients are able to connect to your ZEO servers.
3.9.0b4 (2009-07-30)
====================
Bugs Fixed
----------
- Sources were ommitted due to setup script problems.
3.9.0b3 (2009-07-30)
====================
Bugs Fixed
----------
- Simplified the setup script in hopes of working with bdist_rpm.
- Fixed the setup test command. It previously depended on private
functions in zope.testing.testrunner that don't exist any more.
- ZEO client threads were unnamed, making it hard to debug thread
management.
- ZEO protocol 2 support was broken. This caused very old clients to
be unable to use new servers.
- zeopack was less flexible than it was before. -h should default to
local host.
- The "lawn" layout was being selected by default if the root of
the blob directory happened to contain a hidden file or directory
such as ".svn". Now hidden files and directories are ignored
when choosing the default layout.
- BlobStorage was not compatible with MVCC storages because the
wrappers were being removed by each database connection. Fixed.
Features added back
-------------------
- Warn rather than fail if DB.open is called with an empty version
string.
3.9.0b2 (2009-06-11)
====================
Bugs Fixed
----------
- Saving indexes for large file storages failed (with the error:
RuntimeError: maximum recursion depth exceeded). This can cause a
FileStorage to fail to start because it gets an error trying to save
its index.
- Sizes of new objects weren't added to the object cache size
estimation, causing the object-cache size limiting feature to let
the cache grow too large when many objects were added.
- Deleted records weren't removed when packing file storages.
- Fixed intermittent failures in the MVCCMappingStorage tests.
- Fixed analyze.py and added test.
- ZEO client blob cache size management is a little bit more robust.
3.9.0b1 (2009-05-04)
====================
New Features (in more or less reverse chronological order)
New Features (in more or less reverse chronological order)
----------------------------------------------------------
----------------------------------------------------------
...
@@ -389,6 +238,93 @@ New Features (in more or less reverse chronological order)
...
@@ -389,6 +238,93 @@ New Features (in more or less reverse chronological order)
Bugs Fixed
Bugs Fixed
----------
----------
- CVE-2009-2701: Fixed a vulnerability in ZEO storage servers when
blobs are available. Someone with write access to a ZEO server
configured to support blobs could read any file on the system
readable by the server process and remove any file removable by the
server process.
- BTrees (and TreeSets) kept references to internal keys.
https://bugs.launchpad.net/zope3/+bug/294788
- BTree Sets and TreeSets don't support the standard set add method.
(Now either add or the original insert method can be used to add an
object to a BTree-based set.)
- The runzeo script didn't work without a configuration file.
(https://bugs.launchpad.net/zodb/+bug/410571)
- Officially deprecated PersistentDict
(https://bugs.launchpad.net/zodb/+bug/400775)
- Calling __setstate__ on a persistent object could under certain
uncommon cause the process to crash.
- When committing transactions involving blobs to ClientStorages with
non-shared blob directories, a failure could occur in tpc_finish if
there was insufficient disk space to copy the blob file or if the
file wasn't available. https://bugs.launchpad.net/zodb/+bug/224169
- Savepoint blob data wasn't properly isolated. If multiple
simultaneous savepoints in separate transactions modified the same
blob, data from one savepoint would overwrite data for another.
- Savepoint blob data wasn't cleaned up after a transaction abort.
https://bugs.launchpad.net/zodb/+bug/323067
- Opening a blob with modes 'r+' or 'a' would fail when the blob had no
committed changes.
- PersistentList's sort method did not allow passing of keyword parameters.
Changed its sort parameter list to match that of its (Python 2.4+)
UserList base class.
- Certain ZEO server errors could cause a client to get into a state
where it couldn't commit transactions.
https://bugs.launchpad.net/zodb/+bug/374737
- Fixed vulnerabilities in the ZEO network protocol that allow:
- CVE-2009-0668 Arbitrary Python code execution in ZODB ZEO storage servers
- CVE-2009-0669 Authentication bypass in ZODB ZEO storage servers
The vulnerabilities only apply if you are using ZEO to share a
database among multiple applications or application instances and if
untrusted clients are able to connect to your ZEO servers.
- Fixed the setup test command. It previously depended on private
functions in zope.testing.testrunner that don't exist any more.
- ZEO client threads were unnamed, making it hard to debug thread
management.
- ZEO protocol 2 support was broken. This caused very old clients to
be unable to use new servers.
- zeopack was less flexible than it was before. -h should default to
local host.
- The "lawn" layout was being selected by default if the root of
the blob directory happened to contain a hidden file or directory
such as ".svn". Now hidden files and directories are ignored
when choosing the default layout.
- BlobStorage was not compatible with MVCC storages because the
wrappers were being removed by each database connection. Fixed.
- Saving indexes for large file storages failed (with the error:
RuntimeError: maximum recursion depth exceeded). This can cause a
FileStorage to fail to start because it gets an error trying to save
its index.
- Sizes of new objects weren't added to the object cache size
estimation, causing the object-cache size limiting feature to let
the cache grow too large when many objects were added.
- Deleted records weren't removed when packing file storages.
- Fixed analyze.py and added test.
- fixed Python 2.6 compatibility issue with ZEO/zeoserverlog.py
- fixed Python 2.6 compatibility issue with ZEO/zeoserverlog.py
- using hashlib.sha1 if available in order to avoid DeprecationWarning
- using hashlib.sha1 if available in order to avoid DeprecationWarning
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment