10 Feb
2014
10 Feb
'14
5:55 p.m.
Hi, I requested CVE numbers for the issues fixed in the security releases; here's what was assigned: CVE-2014-1922: absolute path traversal issue in tools/pdfViewer.pl CVE-2014-1923: directory traversal issues in edithelp.pl and member-picupload.pl CVE-2014-1924: MARC framework import/export did not require authentication CVE-2014-1925: MARC framework import/export could be used to perform unexpected SQL commands Regards, Galen -- Galen Charlton Manager of Implementation Equinox Software, Inc. / The Open Source Experts email: gmc@esilibrary.com direct: +1 770-709-5581 cell: +1 404-984-4366 skype: gmcharlt web: http://www.esilibrary.com/ Supporting Koha and Evergreen: http://koha-community.org & http://evergreen-ils.org