Zope: 4.8.3 → 4.8.6
-------------------

Security fix for a Cross Site Scripting vulnerability.
See https://community.plone.org/t/zope-4-8-4-and-5-7-1-released/15992


plone.protect: 4.1.6 → 4.1.8
----------------------------
Bug fixes:

- Testing: explicitly set response content type header to html.  [jeromeperrin] (#97)

- Add missing z3c.zcmlhook dependency.  [icemac] (#96)