Somebody to update security hotfix page?


Could somebody add the new versions to the "Plone versions - security support - maintenance - Hotfixes"
( )

Thank you


@gnafou sure I guess you want 5.0.7 and 4.3.12, I will take care of those.

thanks :wink:

( i understood only recently that the updates usually take care of the older security fixes )


Humph ...

I just noticed that the 507 unifiedInstaller still lists the 20160830 and 20161129 hotfixes

@gnafou could you file an issue for that at ?

@gnafou Ok sorry for confusing.

Plone releases always tries to incorporate all existing Hotfixes that are released before the soft release of this version. So if any upcoming Release or Hotfix is announced, it will be stated if there is an additional hotfix applicable for this release.

There is one exception for the Plone 4 Series, the Plone Hotfix: plone4.csrffixes ( is an additional package that lifts the security of any Plone 4 Site, but will never included in any Plone 4 Release, as it could break several add-ons.

can we sort that list by release date? the Plone 4.3.1x series are lost in the middle of the list because bad version sorting.

@hvelarde sure we could change it, but a complete rewrite of this listing is on its way.
It should be grouped by Release Series and then the version in correct descending order.

so if you want to help, new version goes into ploneorg.releasesecurityinfo old is in pull requests always welcome.

The whole list should be sortable by any header; I think there's a pattern for that.

@hvelarde the current table might be useful to sort, the new one with groups (colspan) might make more problems.

The tablesort pattern was removed from mockup, so no pattern avaliable, and also JS-Libraries won't make it better as they also don't sort Version Strings correct.

yes, and a lot of people argued against it at the time:

but that's a complete different problem.