I have released Plone 5.2.8.
With Buildout you can use the versions file at https://dist.plone.org/release/5.2.8/versions.cfg.
With pip you can use the constraints file at https://dist.plone.org/release/5.2.8/constraints.txt
Please read the information below about waitress carefully.
Interesting changes since 5.2.7:
Zope: Enhance cookie support. For details, see issue 1010
For more changes see Change log — Zope documentation 4.6 documentation
waitressis updated to version 2.1.1 to mitigate a vulnerability in that package. As waitress no longer supports Python versions less than 3.7 it is not advised to run Plone 5.2 on Python 2.7 or 3.6 any longer, even though they are still supported by Plone itself. You get an older
waitressversion then. If you must use an old Python version, please switch to a different WSGI server. See the recommendations in the Zope documentation.
WARNING: the new
waitress2.1.1 does seem to suffer from a possible race condition leading to the process quitting. If you are affected by this, you can downgrade to 2.1.0 (which has a known security vulnerability, as mentioned above) or use a different WSGI server.
plone.app.linkintegrity: Track link integrity of referenced PDFs and other site objects in IFRAME SRC references.
plone.outputfilters: Resolve UIDs in SRC attribute of of SOURCE and IFRAME elements.
plone.app.querystring: Add lazy attribute to vocabularies to prevent fetching any results.
plone.schema: Use indent in json.dumps to make JSON readable in the widget.