Workflow

Zope

Latest version: v5.11.1

Safety actively analyzes 693883 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 6 of 16

5.3

Not secure
----------------

- Reinstate simple sessioning with ``Products.TemporaryFolder``
because the underlying issues with ``tempstorage`` have been fixed.
(`985 <https://github.com/zopefoundation/Zope/issues/985>`_)

- Update the ``AccessControl`` version pin to fix a remote code execution issue
(see `AccessControl security advisory GHSA-qcx9-j53g-ccgf
<https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-qcx9-j53g-ccgf>`_)

- Prevent ``DeprecationWarnings`` from moved imports in ``AccessControl``

- make sure "Manager" users can always modify proxy roles
(`see Products.PythonScripts50
<https://github.com/zopefoundation/Products.PythonScripts/issues/50>`_)

- Deprecate usage of "unicode" converters. Also, the behavior of
``field2lines`` is now aligned to the other converters and returns a list of
strings instead of a list of bytes.
(`962 <https://github.com/zopefoundation/Zope/issues/962>`_)

- Update to newest compatible versions of dependencies.

5.2.1

Not secure
------------------

- Prevent unauthorized traversal through authorized Python modules in
TAL expressions

- Facelift the Zope logo.
(`973 <https://github.com/zopefoundation/Zope/issues/973>`_)

- Update to newest compatible versions of dependencies.

5.2

Not secure
----------------

5.1.2

Not secure
------------------

- Enforce Zope permissions during recursive XML-RPC data dumps
(`954 <https://github.com/zopefoundation/Zope/issues/954>`_)

- The ``compute_size`` method properly returns None if the content does not
have a ``get_size`` method but the parent has.
(`948 <https://github.com/zopefoundation/Zope/issues/948>`_)

- Fix control panel tab links on all control panel pages

- Update to newest versions of dependencies.

5.1.1

Not secure
------------------

- Replace (in ``OFS``) the deprecated direct ``id`` access by
``getId`` calls.
(`903 <https://github.com/zopefoundation/Zope/issues/903>`_)

- Update ZMI dependencies for Font Awesome, jQuery and bootstrap.

- Revise debug info GUI
(`937 <https://github.com/zopefoundation/Zope/pull/937>`_)

- Convert ``bytes`` ``HTTPResponse`` header value to ``str``
via ``ISO-8859-1`` (the default encoding of ``HTTP/1.1``).

- Fix rendering of not found resources.
(`933 <https://github.com/zopefoundation/Zope/pull/933>`_)

- Update to newest versions of dependencies.

5.1

Not secure
----------------

- Fix behavior when uploading no file in ``Zope >= 5.8.1``.

- Add support for Python 3.12 and 3.13

- Drop support for Python 3.7.

- Show Python Scripts source code in tracebacks.
`64 <https://github.com/zopefoundation/Products.PythonScripts/issues/64>`_

Page 6 of 16

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.