The Koha community has just released security patch 17.05.03; this patch focuses on improving the security of the system.

 

Security bugs fixed

  • [19035] Stored XSS in patron lists – lists.pl
  • [19114] Stored XSS in parcels.pl
  • [19112] Stored XSS in basketheader.pl page
  • [19110] XSS Stored in branches.pl
  • [19100] XSS Flaws in memberentry.pl
  • [19105] XSS Stored in holidays.pl
  • [16069] XSS issue in basket.pl
  • [19079] XSS Flaws in Membership page
  • [19033] XSS Flaws in Currencies and exchange page
  • [19034] XSS Flaws in – Cities – Z39.50/SRU servers administration – Patron categories pages
  • [19050] XSS Flaws in Quick spine label creator
  • [19051] XSS Flaws in – Batch record deletion page – Batch item deletion page – Batch item modification page
  • [19052] XSS Flaws in – vendor search page – Invoice search page
  • [19054] XSS Flaws in Report – Top Most-circulated items
  • [19078] XSS Flaws in System preferences
  • [18726] OPAC XSS – biblionumber

Enhancements

Acquisitions

  • [18839] suggestion.pl: ‘unknown’ is spelled ‘unkown’

Architecture, internals, and plumbing

  • [18361] Koha::Objects->find should accept composite primary keys
  • [18539] Forbid Koha::Objects->find calls in list context

Critical bugs fixed

Patrons

  • [18987] When browsing for a patron by last name the page processes indefinitely

Other bugs fixed

Architecture, internals, and plumbing

  • [18605] Remove TRUNCATE from C4/HoldsQueue.pm

I18N/L10N

  • [18367] Fix untranslatable string from Bug 18264

OPAC

  • [18545] Remove use of onclick from OPAC Cart

Patrons

  • [18832] Missing space between icon and label in button ‘Patron lists’

System Administration

  • [18965] branch transfer limits pagination save bug

Templates

  • [19000] about page – Typo in closing p tag

Test Suite

  • [18951] Some t/Biblio tests are database dependent
  • [18976] Fix t/db_dependent/Auth.t cleanup
  • [18977] Rollback branch in t/db_dependent/SIP/Message.t
  • [18982] selenium tests needs too many prerequisites
  • [18991] Fix cleanup in t/db_dependent/Log.t

Tools

  • [18918] Exporting bibs in CSV when you have no CSV profiles created causes error