[mod_python] Announce: 2.7.7

Andre Reitz reitz at inworks.de
Thu Apr 11 18:10:41 EST 2002 

On Thu, 11 Apr 2002 13:07:51 -0400 (EDT)
"Gregory (Grisha) Trubetskoy" <grisha at modpython.org> wrote:

> 
> My appologies - I must have forgotten to check it in after the patch or
> something...
> 
Will you release Version 2.7.8 tomorrow with the bugfix included? :)

Greetings, Andre'

> On Thu, 11 Apr 2002, Andre Reitz wrote:
> 
> > On Wed, 10 Apr 2002 18:06:04 -0400 (EDT)
> > "Gregory (Grisha) Trubetskoy" <grisha at modpython.org> wrote:
> >
> > >
> > > I have released mod_python 2.7.7.
> > >
> > > This release (as far as I could tell adequately) addresses the security
> > > issue whereby a module indirectly imported by a published module could
> > > then be accessed via the publisher.
> > >
> > > It is highly recommended that you upgrade, especially if you use the
> > > publisher.
> > >
> > > A quick way to upgrade is to just replace the apache.py file and restart
> > > httpd - everything else is pretty much the same except for the verion
> > > number. Windows users should still be able to use the 2.7.6 DLL with the
> > > new apache.py.
> > >
> > > Grisha
> >
> > Did you forget to patch apache.py?? (The boo boo)
> >
> >
> > def setup_cgi(req):
> >     """
> >     Replace sys.stdin and stdout with an objects that read/write to
> >     the socket, as well as substitute the os.environ.
> >     Returns (environ, stdin, stdout) which you must save and then use
> >     with restore_nocgi().
> >     """
> >
> >     # save env
> >     env = os.environ.copy()            <------(1)
> >
> >     si = sys.stdin
> >     so = sys.stdout
> >
> >     env = build_cgi_env(req)
> >
> >     for k in env.keys():
> >         os.environ[k] = env[k]
> >
> >     sys.stdout = CGIStdout(req)
> >     sys.stdin = CGIStdin(req)
> >
> >     sys.argv = [] # keeps cgi.py happy
> >
> >     return env, si, so		<--------(2)
> > >
> >
> > (1) : originalenv=os.environ.copy()
> > (2) : return originalenv,si,so
> >
> >
> >
> >
> > >
> > > _______________________________________________
> > > Mod_python mailing list
> > > Mod_python at modpython.org
> > > http://www.modpython.org/mailman/listinfo/mod_python
> >
> >
> > --
> > _____________________________________________
> > inworks GmbH            Andre Reitz
> > Magirusstrasse 44	Tel. 0731/93 80 7-21
> > 89077 Ulm		http://www.inworks.de
> >
> 


-- 
_____________________________________________
inworks GmbH            Andre Reitz		
Magirusstrasse 44	Tel. 0731/93 80 7-21
89077 Ulm		http://www.inworks.de

More information about the Mod_python mailing list