Some revision of the the BTrees code (possibly even the current head)
has a bug which causes (in this case) an OOBTree to lie about its
items.

Code like:

for key in oobtree.keys(): oobtree[key]

... will cause a KeyError when oobtree is asked to return the object
represented by key.

We work around this by explicitly detecting this problem and logging.

SignalHandler module now lives in zdaemon package, so it may be shared
between ZEO and Zope.

The SignalHandler module in lib/python was removed in favor of the
module in zdaemon.

The zdaemon SignalHandler doesn't register any default signals.

There is a new package in lib/python named Signals.  This package
contains signal handlers and registry functions used by z2.py
to register Zope-specific signals with the SignalHandler registry.

Also, reformat doc strings, remove an unused global variable, and
remove one whitespace character.  (I've already used the whitespace
in a different module.)

As extra is no longer mandatory, grab the correct lexicon ID for the error message and in the process escape it so no HTML can be sneaked in.

each loop, making cDocumentTemplate html_quote only the first dtml-var,
if at all.

This may expose more bugs in the dtml-var tainting.  I'm not to blame. ;-)

more <wink>, and cause gcc to give spurious warnings.

ZOPE_DTML_REQUEST_AUTOQUOTE to one of 'no', '0', or 'disabled' and no
tainting will take place.

- Make DTML automatically html quote data indirectly taken from REQUEST
  which contain a '<'. Make sure (almost) all string operation preserve the
  taint on this data.

- Fix exceptions that use REQUEST data; quote the data.

- Don't let form and cookie values mask the REQUEST computed values such as
  URL0 and BASE1.

rather than the result set when the result set is much larger than the
sort index.  Added a test and cleaned up the test framework.

catalogs no-longer come with pre-existing indexes. Also removed an
unused method.

the length of the concatenated sequence is not the same as the length of r,
since r contains sequences of different sizes.  Let LazyCat compute the
length.

and sort results from multiple catalogs (or multiple queries) efficiently.

users the Manager proxy role when uploading files - a potential
vulnerability on production servers.

API documentation.

path. This was added primarily for the purpose of determining if an
object was catalogged.

never imported. The doc strings should still be converted to standard
format.

ClassSecurityInfo except that access to unprotected subobjects is
denied. Use this class to provide more explicit, and, thus more
secure, protection for methods.

Silence warnings.
Add :name to PyArg_ParseTuple() call.

XXX: Still missing tests for the new unicode marshall code.

Note that we'll fail on filenames with spaces or quotes in them.

program to overwrite a section of the global offset table!  Changing this
to unsigned char fixes the problem.