[koha-commits] main Koha release repository branch master updated. v16.11.00-25-g8edb7f6

Git repo owner gitmaster at git.koha-community.org
Mon Dec 5 16:22:59 CET 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, master has been updated
       via  8edb7f6fb94a72f7ebc0b1d0ade031f0bed651cf (commit)
      from  59a322ae7014820603ac807de7234a13c06ad696 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 8edb7f6fb94a72f7ebc0b1d0ade031f0bed651cf
Author: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Date:   Mon Dec 5 08:17:21 2016 +0000

    Bug 17720: CSRF - Handle unicode characters
    
    From the pod of Digest::MD5:
    """
    Since the MD5 algorithm is only defined for strings of bytes, it can not
    be used on strings that contains chars with ordinal number above 255
    (Unicode strings). The MD5 functions and methods will croak if you try
    to feed them such input data.
    What you can do is calculate the MD5 checksum of the UTF-8
    representation of such strings.
    """
    
    Test plan:
    - Set a MySQL/MariaDB password with unicode characters:
      UPDATE user SET password=PASSWORD('❤') WHERE USER='koha_kohadev';
      FLUSH PRIVILEGES
    - Update your $KOHA_CONF file
    - Restart Memcached
    - Hit the files modified by this patch
    
    => Without this patch, you will get a software error (with "Wide
    character in subroutine entry" in the logs).
    => With this patch, everything will go fine
    
    Signed-off-by: Josef Moravec <josef.moravec at gmail.com>
    Signed-off-by: Tomas Cohen Arazi <tomascohen at theke.io>
    
    Edit: removed debugging leftover
    
    Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>

-----------------------------------------------------------------------

Summary of changes:
 basket/sendbasket.pl       |    4 ++--
 members/deletemem.pl       |    5 +++--
 members/member-password.pl |    5 +++--
 members/memberentry.pl     |    5 +++--
 members/moremember.pl      |    3 ++-
 opac/opac-memberentry.pl   |    9 +++++----
 opac/opac-sendbasket.pl    |    4 ++--
 tools/import_borrowers.pl  |    6 +++---
 tools/picture-upload.pl    |    7 ++++---
 9 files changed, 27 insertions(+), 21 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list