[koha-commits] main Koha release repository branch 17.11.x updated. v17.11.09-4-gcdcfce4

Git repo owner gitmaster at git.koha-community.org
Thu Aug 30 09:31:40 CEST 2018 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "main Koha release repository".

The branch, 17.11.x has been updated
       via  cdcfce4c6c1c6ad9018e620f6e8f6450c93d1900 (commit)
       via  a641c83caba3ec75c7cccc299d3b560404f84c56 (commit)
       via  42a4c281cde74fad9145c438bd7a97b1521f0a6d (commit)
       via  28ee71e6849e2be21f24626aad6530b55f514419 (commit)
      from  c0de9a7a3e2e9b7798a25030af195fa3ef0f0b22 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit cdcfce4c6c1c6ad9018e620f6e8f6450c93d1900
Author: Andrew Isherwood <andrew.isherwood at ptfs-europe.com>
Date:   Tue May 15 16:00:02 2018 +0100

    Bug 20770: ILL loans OPAC form notes field allow arbitrary input
    
    This patch addresses the lack of sanitization of the "notes" field on
    the OPAC "View Interlibrary loan request" page.
    
    To test:
    
    - Apply the patch
    - As an OPAC user, create an ILL request
    - Navigate to the request's "View Interlibrary loan request" page
    - Add the following note:
    
      Hello
      <h1>TESTING</h1>
      <script>alert('pwned');</script>
    
    - Click "Submit modifications"
    - TEST: Observe, when the page reloads, only the following is preserved in the
    "Notes" textarea:
    
        Hello
        TESTING
    
    - As a staff user, naviate to the ILL requests table
    - Select "Manage request" for the request you created
    - TEST: Observe that the Notes field only contains:
    
        Hello
        TESTING
    
    - TEST: Observe that no Javascript alert is displayed
    
    Signed-off-by: Mark Tompsett <mtompset at hotmail.com>
    
    Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
    Signed-off-by: Tomas Cohen Arazi <tomascohen at theke.io>
    (cherry picked from commit 552873f7d466abee6919414b8d2f5e6c99f9a44f)
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    (cherry picked from commit cc81442349cb07afe242607f2c40acb62e4e76fb)
    Signed-off-by: Fridolin Somers <fridolin.somers at biblibre.com>

commit a641c83caba3ec75c7cccc299d3b560404f84c56
Author: Nick Clemens <nick at bywatersolutions.com>
Date:   Thu Aug 16 14:03:28 2018 +0000

    Bug 21226: DBRev 17.11.09.001
    
    Signed-off-by: Fridolin Somers <fridolin.somers at biblibre.com>

commit 42a4c281cde74fad9145c438bd7a97b1521f0a6d
Author: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Date:   Wed Aug 15 11:58:12 2018 -0300

    Bug 21226: Remove xISBN services
    
    OCLC has decided to retire all xISBN services:
    https://www.oclc.org/developer/news/2018/xid-decommission.en.html
    
    The code for related features has to be removed from Koha.
    
    Test plan:
    You need to be familiar with the different sysprefs (I am not):
    - FRBRizeEditions
    - SyndeticsEnabled
    - SyndeticsEditions
    - ThingISBN
    
    Make sure there are no regressions introduced by this patchset.
    
    QA Note: C4/XISBN.pm should be renammed
    
    Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    
    Signed-off-by: Nick Clemens <nick at bywatersolutions.com>
    (cherry picked from commit bce549bc4c0f9fefddb34fe614f6bf79aef882ea)
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    (cherry picked from commit 7cacd4ddb90d55238e0446a67ce4d68a54c58e3e)
    Signed-off-by: Fridolin Somers <fridolin.somers at biblibre.com>

commit 28ee71e6849e2be21f24626aad6530b55f514419
Author: Jonathan Druart <jonathan.druart at bugs.koha-community.org>
Date:   Wed Aug 15 11:36:21 2018 -0300

    Bug 21226: DB Changes
    
    Remove prefs OCLCAffiliateID, XISBN and XISBNDailyLimit
    
    Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    
    Signed-off-by: Nick Clemens <nick at bywatersolutions.com>
    (cherry picked from commit b19090c4505c0f407a7f3cbfe3c14da5cfecc657)
    Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
    (cherry picked from commit 8111e0c380c9d2c61a2b6b6665b5a7bad3a3e646)
    Signed-off-by: Fridolin Somers <fridolin.somers at biblibre.com>

-----------------------------------------------------------------------

Summary of changes:
 C4/UsageStats.pm                                     |    1 -
 C4/XISBN.pm                                          |   18 ++----------------
 Koha.pm                                              |    2 +-
 installer/data/mysql/sysprefs.sql                    |    3 ---
 installer/data/mysql/updatedatabase.pl               |    9 +++++++++
 koha-tmpl/intranet-tmpl/prog/css/staff-global.css    |    4 ++++
 .../modules/admin/preferences/enhanced_content.pref  |   16 ----------------
 .../prog/en/modules/ill/ill-requests.tt              |    4 ++--
 .../bootstrap/en/modules/opac-illrequests.tt         |    4 ++--
 t/db_dependent/UsageStats.t                          |    1 -
 t/db_dependent/XISBN.t                               |   17 +----------------
 11 files changed, 21 insertions(+), 58 deletions(-)


hooks/post-receive
-- 
main Koha release repository

More information about the koha-commits mailing list