[koha-commits] main Koha release repository branch master updated. v16.11.00-154-g4e40339
Git repo owner
gitmaster at git.koha-community.org
Fri Dec 30 18:53:41 CET 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".
The branch, master has been updated
via 4e40339db3209c913c79b935067e139b470255cc (commit)
from f43a73597e17687cfcf3ca0069d621b712eff57c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4e40339db3209c913c79b935067e139b470255cc
Author: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Date: Thu Dec 29 17:54:40 2016 +0100
Bug 17830: CSRF - Handle unicode characters in userid
If the userid of the logged in user contains unicode characters, the token
will not be generated correctly and Koha will crash with:
Wide character in subroutine entry at /usr/share/perl5/Digest/HMAC.pm line 63.
Test plan:
- Edit a superlibrarian user and set his/her userid to '❤' or any other strings
with unicode characters.
- Login using this patron
- Search for patrons and click on a result.
=> Without this patch, you will get a software error (with "Wide
character in subroutine entry" in the logs).
=> With this patch, everything will go fine
You can also test the other files modified by this patch.
Signed-off-by: Karam Qubsi <karamqubsi at gmail.com>
Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
-----------------------------------------------------------------------
Summary of changes:
basket/sendbasket.pl | 4 ++--
members/deletemem.pl | 4 ++--
members/member-password.pl | 4 ++--
members/memberentry.pl | 4 ++--
members/moremember.pl | 2 +-
opac/opac-memberentry.pl | 8 ++++----
opac/opac-sendbasket.pl | 4 ++--
tools/import_borrowers.pl | 4 ++--
tools/picture-upload.pl | 6 +++---
9 files changed, 20 insertions(+), 20 deletions(-)
hooks/post-receive
--
main Koha release repository
More information about the koha-commits
mailing list