[koha-commits] main Koha release repository branch 3.16.x updated. v3.16.04-3-gb7f8b5c

Git repo owner gitmaster at git.koha-community.org
Wed Dec 10 07:36:57 CET 2014 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, 3.16.x has been updated
       via  b7f8b5cfde600daede07b9fa281a1bbb4463d04d (commit)
       via  30ca6c1d0eaf15ffc4339cb20595241182b9cdae (commit)
      from  6073d8943c74dcb2319fbd8415f819521d5b1092 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b7f8b5cfde600daede07b9fa281a1bbb4463d04d
Author: Mason James <mtj at kohaaloha.com>
Date:   Wed Dec 10 18:46:09 2014 +1300

    Increment version for 3.16.5 release
    
    Signed-off-by: Mason James <mtj at kohaaloha.com>

commit 30ca6c1d0eaf15ffc4339cb20595241182b9cdae
Author: Chris Cormack <chrisc at catalyst.net.nz>
Date:   Wed Dec 10 12:47:30 2014 +1300

    Bug 13425 - XSS in opac facets - Patch for 3.16
    
    To Test
    1/ Craft a url like /cgi-bin/koha/opac-search.pl?q=123&sort_by='"><script>prompt('Happy_Holidays')</script>&limit=123
    
    It is important it must return results and facets
    
    2/ Notice the js is executed
    3/ Apply the patch test again
    
    Test this one both in prog and bootstrap please
    
    Signed-off-by: Brendan Gallagher <brendan at bywatersolutions.com>
    Signed-off-by: Mason James <mtj at kohaaloha.com>

-----------------------------------------------------------------------

Summary of changes:
 installer/data/mysql/updatedatabase.pl             |    6 +
 .../intranet-tmpl/prog/en/includes/facets.inc      |    2 +-
 kohaversion.pl                                     |    2 +-
 misc/release_notes/release_notes_3_16_5.txt        |  226 ++++++++++++++++++++
 4 files changed, 234 insertions(+), 2 deletions(-)
 create mode 100644 misc/release_notes/release_notes_3_16_5.txt


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list