Safety vulnerability ID: 60973
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Zope updates its dependency 'RestrictedPython' to '6.2' in master branch to include a security fix.
https://github.com/zopefoundation/Zope/commit/c31b1c635e85a1766f2666cb0bd117337ae5fa67
Latest version: 5.10
Zope application server / web framework
------------------
- Disable a ``ZCatalog`` (more precisly: ``Products.PluginIndexes``)
performance test which occasionally fails on GITHUB.
For details, see
`1136 <https://github.com/zopefoundation/Zope/issues/1136>`_.
- Restore filename on code objects of objects returned from
``App.Extensions.getObject()``. This got lost in 4.0a6.
- Update to newest compatible versions of dependencies.
- Make ``mapply`` ``__signature__`` aware.
This allows to publish methods decorated via a decorator
which sets ``__signature__`` on the wrapper to specify
the signature to use.
For details, see
`1134 <https://github.com/zopefoundation/Zope/issues/1134>`_.
Note: ``mapply`` still does not support keyword only, var positional
and var keyword parameters.
- Make Zope's parameters for denial of service protection configurable
`1141 <https://github.com/zopefoundation/Zope/issues/1141>_`.
- Update ``RestrictedPython`` to version 6.2 to mitigate a security problem.
(CVE-2023-41039)
- Update ``AccessControl`` to version 6.2 to mitigate a security problem.
(CVE-2023-41050)
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application