[koha-commits] main Koha release repository branch 3.22.x updated. v3.22.09-111-gd0c34a3

Git repo owner gitmaster at git.koha-community.org
Mon Aug 22 08:47:57 CEST 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, 3.22.x has been updated
       via  d0c34a3bacc72a0ba8b516e3ea95aa173b7fae34 (commit)
       via  df4e1961721070a12c5659c505150732307a2287 (commit)
      from  a85aea7a61c0ee87c386c28cca0ee3ce2b2ce4c3 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d0c34a3bacc72a0ba8b516e3ea95aa173b7fae34
Author: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Date:   Tue Aug 2 14:15:09 2016 +0100

    Bug 17023: Fix XSS in acqui/z3950_search.pl
    
    Test plan:
    Enter the following in the different inputs:
    <script>alert('XSS')</script>
    
    => Without this patch you will see the alert
    => With this patch, no more alert
    
    Signed-off-by: Chris Cormack <chrisc at catalyst.net.nz>
    
    Signed-off-by: Katrin Fischer <katrin.fischer.83 at web.de>
    
    Signed-off-by: Brendan Gallagher <brendan at bywatersolutions.com>
    (cherry picked from commit eb543a90848b97d35aa15052c8881134926a3ed0)
    Signed-off-by: Frédéric Demians <f.demians at tamil.fr>
    (cherry picked from commit 7cb27f092a4c699fcd428083383eef6f515da3e3)
    Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>

commit df4e1961721070a12c5659c505150732307a2287
Author: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Date:   Tue Aug 2 14:06:41 2016 +0100

    Bug 17023: Fix XSS in cataloguing/z3950_search.pl
    
    Test plan:
    Enter the following in the different inputs:
    <script>alert('XSS')</script>
    
    => Without this patch you will see the alert
    => With this patch, no more alert
    
    Signed-off-by: Chris Cormack <chrisc at catalyst.net.nz>
    
    Signed-off-by: Katrin Fischer <katrin.fischer.83 at web.de>
    
    Signed-off-by: Brendan Gallagher <brendan at bywatersolutions.com>
    (cherry picked from commit f6e0a619d974fe002ec6a920206c7bc2808bce26)
    Signed-off-by: Frédéric Demians <f.demians at tamil.fr>
    (cherry picked from commit 98c6d7873535d52609657ecaf256740c95c0e532)
    Signed-off-by: Julian Maurice <julian.maurice at biblibre.com>

-----------------------------------------------------------------------

Summary of changes:
 .../prog/en/modules/acqui/z3950_search.tt          |   56 ++++++++++----------
 .../prog/en/modules/cataloguing/z3950_search.tt    |   54 +++++++++----------
 2 files changed, 55 insertions(+), 55 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list