[Koha-bugs] [Bug 14467] Security updates break some Koha plugins
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Jun 29 13:15:47 CEST 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14467
--- Comment #6 from Kyle M Hall <kyle at bywatersolutions.com> ---
(In reply to Katrin Fischer from comment #4)
> Hi Kyle, I think 2 of the security releases (3.16 and 3.14) had a wrong set
> of patches - could this be the reason for the plugin problems? (see bug
> 14408 and the branches on git for the reverts/changes)
I don't think this. I believe this is directly caused by the new check for
previous directory ( i.e. ".." ) in file paths. The problem is
Module::Bundled::Files creates patches using .. in it, and thus it fails that
test. Cwd takes that weird path and converts it to a safe path.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list