koha:3.18.x

Last commit made on 2015-06-23
Get this branch:
git clone -b 3.18.x https://git.launchpad.net/koha

Branch information

Name: 3.18.x
Repository: lp:koha

Recent commits

0580342... by Liz Rea

Bug 14408 & 14439 - typo fixes for regexes

0078711... by Liz Rea

Update release number in updatedatabase

Typo.

c4d16bb... by Liz Rea

Minor release note update

a55fd07... by Liz Rea

Revert "Bug 13815 - plack loose CGI qw(-utf8) flag creating incorrect utf-8 encoding everywhere"

This reverts commit af127c124f1575a96cc3efca7eff0ef9135e88e6.

Oops.

e4ec3ed... by Liz Rea

Merge branch 'security-3.18.x' into rmaint-3.18.x

814f22e... by Liz Rea

Increment version for 3.18.8 release

Signed-off-by: Liz Rea <email address hidden>

adc35d7... by Liz Rea

Update release notes for 3.18.8 release

Signed-off-by: Liz Rea <email address hidden>

3e86cb1... by Liz Rea

Bug 14423 - tab characters in auth_subfields_structure

b847e4e... by Chris Cormack

Bug 14423 : Multiple XSS bugs in suggestion.pl

To test
1/ Hit a url like http://localhost:8081/cgi-bin/koha/suggestion/suggestion.pl?author=%22%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E&accepteddate_to=
2/ Notice alert box(es)
3/ Apply patch
4/ Reload and notice alert is gone

Repeat for
collection_title
copyrightdate
isbn
manageddate_from
manageddate_to
publishercode
suggesteddate_from
suggesteddate_to

Signed-off-by: Jonathan Druart <email address hidden>

Signed-off-by: Katrin Fischer <email address hidden>
Signed-off-by: Liz Rea <email address hidden>

5de6752... by Chris Cormack

Bug 14423 : Multiple XSS vulnerabilities in serials-search

To test

1/ Hit a url like http://localhost:8081/cgi-bin/koha/serials/serials-search.pl?bookseller_filter=%22%22%22%3E%3Cscript%3Ealert%28%27oh%20noes%27%29%3C/script%3E&searched=1&title_filter=
2/ Notice alert boxes
3/ Apply patch
4/ Reload, notice fixed

Repeat for
callnumber_filter
EAN_filter
ISSN_filter
publisher_filter
title_filter

Signed-off-by: Jonathan Druart <email address hidden>

Signed-off-by: Katrin Fischer <email address hidden>
Signed-off-by: Liz Rea <email address hidden>