Plone 3.0.4 (Dec 10, 2007)


This is an historical page intended for people who can't upgrade. Current versions of Plone can be found on the overview page

This is the fourth maintenance release of Plone 3.0. This releases fixes stability problems introduced by the security fix for the CVE-2007-5741 security issue as well as several other fixes.

For additional information about this project, please visit the overview page .

For installation instructions go to:

There may be hotfixes applicable to this release. Always check the Plone Hotfix Page before production deployment.

Available downloads

Release Notes

State Final release
License GPL
Release Manager Wichert Akkerman
Released 2007/12/10 00:00:00 Universal

Plone 3.0.4 requires Python 2.4.4 and Zope 2.10.5. 

Change log

This is a summary of all changes. For the complete list look at the changelog for each updated package.

  • Quote the description of search results in live search (security fix).
  • Fix the cookie handling for status message to not insert newlines on long messages. This fixes the stability problems (occasional site errors) introduced by the CVE-2007-5741 security fix.
  • Backed out handling of PTS as a global utility again. It turns out that registering a persistent object both as a global utility is as bad as registering it as a module level global. This fixes the ConnectionStateErrors witnessed in Plone 3.0.
  • Only show the maintenance control panel for users who have management access in the Zope root. This prevents people who only have manager access in a Plone site from being able to shutdown the entire Zope instance.
  • Improved filename normalizer: allow filenames of up to 1023 characters instead of chopping them off at 50 and do not allow [] brackets in filenames
  • Remove an unneeded ZODB savepoint in the quick installer, which could cause failed installations to be commited.
  • Catch syntax errors in po-files when loading translation from locales folders and output a warning instead of preventing Zope from starting up.
  • Intelligent text improvements: accept IP addresses, port numbers and localhost in URLs, correct handling of ampersands in URLs and fix handling of URLs in brackets
  • Kupu visual editor fixes:
    • Images may only be resized if 'height' and 'width' are permitted image attributes. Resizing images in Firefox sets those attributes rather than the style attribute.
    • Improved support for safari/webkit browsers.
    • Fix image break on dragging.
  • Do not version files larger than 32mb. The versioning system does not support them and we were silently breaking things. Instead show a message warning the user when he tries to version a large object.
  • Enable showing of differences for folder versions.
  • Handle ArchivistUnregisteredErrors errors during saving of versioned content.
  • KSS fix: fix multiple selection for field handling in safari
  • Allow CMFSite and PloneSite test layers to be set up more than once.
  • Allow through-the-web customizing of viewlets whose class name does not end with Viewlet.
  • Updated translations.
  • Allow non-ASCII characters in webstats code.
  • Correct handling of workflow history with entries from anonymous and deleted users.
  • Update the template for the CalendarWidget to support time-only fields.
  • Correct migration errors for sites with a custom catalog such as QueueCatalog.
  • Fix invalid XHTML in Table of Contents.
  • Use a different method to index interfaces for content which is five times faster.

Updated packages

  • ATContentTypes 1.2.3
  • CMFDiffTool 0.3.5
  • CMFEditions 1.1.4
  • CMFPlone 3.0.4
  • CMFQuickInstallerTool 2.0.4
  • CMFTestCase 0.9.7
  • PlacelessTranslationService 1.4.6
  • PloneTestCase 0.9.7
  • PloneTranslations 3.0.9
  • PluggableAuthService 1.5.2
  • kupu 1.4.6
  • statusmessage 3.0.3
  • archetypes.kss
  • kss.core 1.2.4
  • 1.0.3
  • 1.0.1
  • 1.0.4
  • 1.2.4
  • 1.0.4
  • 1.0.3
  • plone.i18n 1.0.2
  • plone.intelligenttext 1.0.1