Fix serious authentication vulnerability in stock configuration.

92176d46 · Tres Seaver · 5370cdc3 · 92176d46 · 92176d46
Commit 92176d46 authored Oct 24, 2011 by Tres Seaver
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 0 deletions

doc/CHANGES.rst doc/CHANGES.rst +1 -0

src/AccessControl/User.py src/AccessControl/User.py +2 -0

No files found.
--- a/doc/CHANGES.rst
+++ b/doc/CHANGES.rst
@@ -8,6 +8,7 @@ http://docs.zope.org/zope2/releases/.
 2.12.21 (unreleased)
 --------------------

+- Fixed serious authentication vulnerability in stock configuration.

 2.12.20 (2011-10-04)
 --------------------

--- a/src/AccessControl/User.py
+++ b/src/AccessControl/User.py
@@ -1027,6 +1027,8 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager,
        """ returns true if domain auth mode is set to true"""
        return getattr(self, '_domain_auth_mode', None)

+InitializeClass(BasicUserFolder)
+

 class UserFolder(BasicUserFolder):