[koha-commits] main Koha release repository branch master updated. v16.11.00-154-g4e40339

Git repo owner gitmaster at git.koha-community.org
Fri Dec 30 18:53:41 CET 2016 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, master has been updated
       via  4e40339db3209c913c79b935067e139b470255cc (commit)
      from  f43a73597e17687cfcf3ca0069d621b712eff57c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 4e40339db3209c913c79b935067e139b470255cc
Author: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Date:   Thu Dec 29 17:54:40 2016 +0100

    Bug 17830: CSRF - Handle unicode characters in userid
    
    If the userid of the logged in user contains unicode characters, the token
    will not be generated correctly and Koha will crash with:
      Wide character in subroutine entry at /usr/share/perl5/Digest/HMAC.pm line 63.
    
    Test plan:
    - Edit a superlibrarian user and set his/her userid to '❤' or any other strings
    with unicode characters.
    - Login using this patron
    - Search for patrons and click on a result.
    
    => Without this patch, you will get a software error (with "Wide
    character in subroutine entry" in the logs).
    => With this patch, everything will go fine
    
    You can also test the other files modified by this patch.
    
    Signed-off-by: Karam Qubsi <karamqubsi at gmail.com>
    
    Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>

-----------------------------------------------------------------------

Summary of changes:
 basket/sendbasket.pl       |    4 ++--
 members/deletemem.pl       |    4 ++--
 members/member-password.pl |    4 ++--
 members/memberentry.pl     |    4 ++--
 members/moremember.pl      |    2 +-
 opac/opac-memberentry.pl   |    8 ++++----
 opac/opac-sendbasket.pl    |    4 ++--
 tools/import_borrowers.pl  |    4 ++--
 tools/picture-upload.pl    |    6 +++---
 9 files changed, 20 insertions(+), 20 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list