Plone 2.1.4 (Sep 19, 2006)


This is an historical page intended for people who can't upgrade. Current versions of Plone can be found on the overview page

Fourth maintenance release in the Plone 2.1 series. This features a number of important security and bug fixes, and is a required upgrade for Plone 2.1 users.

For additional information about this project, please visit the overview page .

For installation instructions go to:

There may be hotfixes applicable to this release. Always check the Plone Hotfix Page before production deployment.

Available downloads

Product Package

For all platforms (7.2 MB)

Release Notes

State Final release
License GPL
Release Manager Stefan H. Holek
Released 2006/09/19 00:00:00 Universal

This release includes fixes for a member portrait issue that was being abused by spammers and an issue where the File type was being displayed inline by default. There are also a number of other bugfixes all listed in the changelog.

Instructions on how to see if you are affected by the recent spam abuse can be found in the document How to clean up link spam on your site.

This release requires PIL (the Python Imaging Library) due to the member portrait issue. You must install it before starting Plone.

The External Editor shipping with this release has bugs, we recommend downloading version 0.9.3 or later. Since Plone 2.1.4 is an old release, we can't update the installers with this package, and it only affects the people using EE, which is a limited audience. Later releases of Plone 2.5 and 3.0 have the correct version included.

Change log

Plone 2.1.4 - Devo - Released September 19, 2006

  • Made sure validate_email is turned on by default. [stefan]
  • Fixed a bug in the highlighting of selected tabs in an environment which uses Apache rewrite rules. This closes [hannosch]
  • Updated the CSS validation link to use the CSS 2.1 and CSS 3 compatible profile, which is what Plone uses. [limi]
  • Make the syntool methods for enabling and disabling syndication check for the Manager properties permission on the object. [alecm]
  • Making text/* not render inline for security reasons (Internet Explorer renders these blindly, no matter that they are not text/html), and fixing inline rendering of Office documents and PDFs in the process. [limi]
  • Fix member portrait handling by automatically scaling all incoming images using PIL. This will throw an IOError on any invalid image and also save some bandwidth and space in the zodb. [alecm]
  • Added method and management template to membership tool to cleanup members with bad images. [alecm]
  • Added Unicode and UTF-8 aware word splitter and case normalizer to the plone_lexicon pipeline. Backported from 2.5 branch. Fixes [stefan]
  • Added migration to remove plone.css from portal_css. Fixes [alecm]
  • DiscussionTool.cookReply needs to be available to anyone who can comment on an item, otherwise the comment will not be cooked and we get HTML injection. This fixes [alecm]
  • Made PloneTool.browserDefault check if the default page it is trying to render is the folder itself, and prevent it from doing so (which would cause an endless loop). Fixes [alecm]
  • Using indexObject instead of reindexObject for CatalogTool.clearFindAndRebuild works just as well, but does not touch every object and cause a monster transaction to be committed. Also improved the ZMI experience. [stefan]
  • Rearranged some of the nav tree CSS so it is easier to have proper padding when not using the icons. [limi]
  • Made the local nav tree functionality better, has correct indentation now. [limi]
  • Minor spelling fix in folder_localrole_form. [hannosch]
  • Removed OS notes for iCal and vCal on the event view. Meanwhile both standards are used on all OS'es. This closes [hannosch]
  • Fixed mysterious RuntimeError bug in This closes [hannosch]
  • Backport r9928 and r9934 to 2.1 branch. Thanks to Mirella van Teulingen. [nouri]
  • Backport r10134 to 2.1 branch. [nouri]
  • Use Fullname in recently_published and modified templates [jladage]
  • Cleaned up some messages that were only differing slightly. [hannosch]
  • Fix rename from the action menu when using virtual hosting. Thanks to Daniel Nouri, Maurits van Rees, Alec Mitchell and Stefan Holek for pointers and code. [optilude]
  • Added plone.css Python Script that returns the rendered CSS for use when external tools need a static reference. Cached for one day. [fschulze][limi]
  • Added portal status message to author and personalize_form. Since Limi Added the tabs and switched to the content slot instead of main, the status message wasn't shown. [jladage]
  • Fixed Plone/Unknown in HTTP Server header. It now shows the correct Plone version (again). [stefan]
  • Changed the default background color to match the defined background color for better readability. If you want the old behaviour back, add dl.portlet { background-color: transparent } to your style sheet. [limi]