Applying security and bug fixes to Plone
Although it is extremely rare, vulnerabilities are occasionally found in Plone, and fixes are released.
Less rare, but almost as important, are the occasional bug fix releases for various packages within the Plone software stack.
Here, we are referring to packages that contain bug fixes that were not released with a particular point release of Plone. They may also be a part of the next point release (for example, 3.3.6).
Often, you need those fixes now. Under such circumstances, it is the responsibility of all Plone site administrators to deploy these fixes to their production sites as soon as possible.
In some cases (for example, with Python egg packages), the fix can be as simple as changing a package version and running Buildout to get the latest compatible release (which presumably addresses the security issue or the bug).
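Before changing a pin, it helps to know which pins are actually below the fixed release. The following check is an added example, not code from Plone or Buildout: it reads the [versions] section of a single buildout file and reports packages pinned below a given fixed version. The package names, version numbers and the FIXED_VERSIONS mapping are constructed placeholders, and only plain dotted numeric versions are handled.

```python
import configparser
import re

# Constructed sample buildout.cfg; package names and versions are placeholders.
SAMPLE_BUILDOUT = """\
[buildout]
versions = versions

[versions]
example.package = 1.0.2
other.package = 2.1
"""
# Hypothetical advisory data: first release of each package that contains the fix.
FIXED_VERSIONS = {"example.package": "1.0.3", "other.package": "2.1.0", "missing.package": "0.9.1"}


def parse_version(text):
    """Turn '1.0.3' into (1, 0, 3); trailing zeros are dropped so 2.1 == 2.1.0."""
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unsupported version string: {text!r}")
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def read_pins(buildout_text):
    """Return the [versions] pins of one buildout file as {package: version}."""
    parser = configparser.ConfigParser(interpolation=None)  # leave ${...} untouched
    parser.optionxform = str  # keep package names case-sensitive
    parser.read_string(buildout_text)
    return dict(parser.items("versions")) if parser.has_section("versions") else {}


def outdated_pins(buildout_text, fixed_versions):
    """Map package -> (pinned, required); pinned is None if this file has no pin."""
    pins = read_pins(buildout_text)
    findings = {}
    for package, required in fixed_versions.items():
        pinned = pins.get(package)
        if pinned is None or parse_version(pinned) < parse_version(required):
            findings[package] = (pinned, required)
    return findings


if __name__ == "__main__":
    for name, (pinned, required) in outdated_pins(SAMPLE_BUILDOUT, FIXED_VERSIONS).items():
        print(f"{name}: pinned={pinned} required>={required}")
```

A package reported with no pin may still be pinned in a file this one extends, so check there before adding a pin. After raising a flagged pin to the fixed release, rerun Buildout so the new egg is fetched.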
In other cases, alternative methods are required.
Such was the case with the last known Zope 2 security issue, which occurred in...