[koha-commits] main Koha release repository branch 3.14.x updated. v3.14.00-2-g2d4bbc3

Git repo owner gitmaster at git.koha-community.org
Tue Nov 26 19:01:19 CET 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, 3.14.x has been updated
       via  2d4bbc3e186a39a807caef9f21cd5323c3a58f7b (commit)
       via  682e706a4ac10b416b51bdb1ea8894dbe21b345e (commit)
      from  3fe0e784516309050fc5b6eda1ab7fdaf7643048 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2d4bbc3e186a39a807caef9f21cd5323c3a58f7b
Author: Chris Cormack <chris at bigballofwax.co.nz>
Date:   Wed Nov 27 05:51:19 2013 +1300

    Bug 11307: (follow-up) apply fix to bootstrap theme (master and 3.14.x only)
    
    To test:
    Same as first patch, but using bootstrap theme
    
    Signed-off-by: Mark Tompsett <mtompset at hotmail.com>
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>

commit 682e706a4ac10b416b51bdb1ea8894dbe21b345e
Author: Chris Cormack <chris at bigballofwax.co.nz>
Date:   Wed Nov 27 05:37:07 2013 +1300

    Bug 11307: Fix potential XSS attack in public catalog RSS feed
    
    To test:
    1/ Craft a url like
    /cgi-bin/koha/opac-search.pl?q=a&count=50"'<h1>test</h1>&sort_by=acqdate_dsc&format=rss2
    2/ look at the source, notice
    <opensearch:itemsPerPage>50"'<h1>test</h1></opensearch:itemsPerPage>
    3/ apply the patch, and reload url
    4/ source now contains
     <opensearch:itemsPerPage>50"'<h1>test</h1></opensearch:itemsPerPage>
    
    Signed-off-by: Mark Tompsett <mtompset at hotmail.com>
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    Signed-off-by: Galen Charlton <gmc at esilibrary.com>

-----------------------------------------------------------------------

Summary of changes:
 koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-opensearch.tt |    2 +-
 koha-tmpl/opac-tmpl/prog/en/modules/opac-opensearch.tt      |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list