[koha-commits] main Koha release repository branch master updated. v3.14.00-42-g803789f

Git repo owner gitmaster at git.koha-community.org
Tue Nov 26 19:01:20 CET 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, master has been updated
       via  803789f13b09fc3429f41f6a647e8fdaa2d20772 (commit)
       via  6f0d4153dfb8f85ab2b41c1e2780d4171c00e4ee (commit)
      from  17b78abc7fe6a66ab48a01ac4a7be8e88ad165fc (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 803789f13b09fc3429f41f6a647e8fdaa2d20772
Author: Chris Cormack <chris at bigballofwax.co.nz>
Date:   Wed Nov 27 05:51:19 2013 +1300

    Bug 11307: (follow-up) apply fix to bootstrap theme (master and 3.14.x only)
    
    To test:
    Same as first patch, but using bootstrap theme
    
    Signed-off-by: Mark Tompsett <mtompset at hotmail.com>
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>

commit 6f0d4153dfb8f85ab2b41c1e2780d4171c00e4ee
Author: Chris Cormack <chris at bigballofwax.co.nz>
Date:   Wed Nov 27 05:37:07 2013 +1300

    Bug 11307: Fix potential XSS attack in public catalog RSS feed
    
    To test:
    1/ Craft a url like
    /cgi-bin/koha/opac-search.pl?q=a&count=50"'<h1>test</h1>&sort_by=acqdate_dsc&format=rss2
    2/ look at the source, notice
    <opensearch:itemsPerPage>50"'<h1>test</h1></opensearch:itemsPerPage>
    3/ apply the patch, and reload url
    4/ source now contains
     <opensearch:itemsPerPage>50"'<h1>test</h1></opensearch:itemsPerPage>
    
    Signed-off-by: Mark Tompsett <mtompset at hotmail.com>
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>

-----------------------------------------------------------------------

Summary of changes:
 koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-opensearch.tt |    2 +-
 koha-tmpl/opac-tmpl/prog/en/modules/opac-opensearch.tt      |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list