[koha-commits] main Koha release repository branch 3.18.x updated. v3.18.08-56-g5368765
Git repo owner
gitmaster at git.koha-community.org
Tue Jul 21 06:19:36 CEST 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, 3.18.x has been updated
via 536876521ab81e549ee567aab92de3638e77d0b6 (commit)
via d50680852a6a485d81028805d8b8ed21651b596d (commit)
via 9513b93c828dfbc4413f9e0df63647401aaf4e58 (commit)
via 21d6252b1f8680dee66e49d9083e96e70c0554b1 (commit)
from 76cb0ce2ba09d596b95de41ab2d2a0b58bf65f5f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 536876521ab81e549ee567aab92de3638e77d0b6
Author: Liz Rea <wizzyrea at gmail.com>
Date: Tue Jul 21 16:19:11 2015 +1200
Updating release notes for 3.18.09 release
Signed-off-by: Liz Rea <wizzyrea at gmail.com>
commit d50680852a6a485d81028805d8b8ed21651b596d
Author: Liz Rea <wizzyrea at gmail.com>
Date: Tue Jul 21 16:16:20 2015 +1200
Revert "Update release notes for 3.18.09 release"
This reverts commit 9b158d3887fac219d6f96cbc8babc74b98c5dc84.
Too soon, executus!
commit 9513b93c828dfbc4413f9e0df63647401aaf4e58
Author: David Cook <dcook at prosentient.com.au>
Date: Mon Jul 13 14:06:46 2015 +1000
Bug 14521: SQL injection in local use system preferences
This patch fixes a SQL injection vulnerability in the local use
system preferences.
_TEST PLAN_
Before applying:
1) Go to Global System Preferences
2) Click on the "Local use" tab
3) Add a new preference with the value "') or '1' = '1' -- "
(be sure to include the space at the end after the comment --).
4) When the page refreshes, you should now see about 99 other system
preferences which shouldn't be showing up.
5) Apply the patch
6) Refresh the page
7) Note that you now only see a system preference for "') or '1' = '1' -- "
and the other actual local use system preferences.
Signed-off-by: Chris Cormack <chrisc at catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen at unc.edu.ar>
(cherry picked from commit a72262a950aa701cebe460e2a3a7586edecd86be)
Signed-off-by: Chris Cormack <chrisc at catalyst.net.nz>
Signed-off-by: Liz Rea <wizzyrea at gmail.com>
commit 21d6252b1f8680dee66e49d9083e96e70c0554b1
Author: Mason James <mtj at kohaaloha.com>
Date: Wed Apr 8 19:14:55 2015 +1200
Bug 13966 - Backport HEA to Koha 3.16 and/or 3.14
This trivial patch stops any potential SQL errors/warnings for a HEA enabled 3.16 or 3.14 Koha, when upgrading to a newer Koha
Signed-off-by: Jonathan Druart <jonathan.druart at biblibre.com>
Add the missing prefs unless they exist and don't raise an error if already
exist.
Signed-off-by: Katrin Fischer <katrin.fischer.83 at web.de>
-----------------------------------------------------------------------
Summary of changes:
admin/systempreferences.pl | 6 +++--
installer/data/mysql/updatedatabase.pl | 2 +-
misc/release_notes/release_notes_3_18_9.txt | 37 +++++++++++++++++----------
3 files changed, 29 insertions(+), 16 deletions(-)
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list