<li>OR in the INSTALL files that come in the tarball</li>
</ul>
-<p>Koha 18.05.12 is a bugfix/maintenance release.</p>
+<p>Koha 18.05.12 is a bugfix/maintenance release with security fixes.</p>
-<p>It includes 1 enhancements, 31 bugfixes.</p>
+<p>It includes 4 security fixes, 1 enhancements, 31 bugfixes.</p>
+
+<h2 id="securitybugs">Security bugs</h2>
+
+<h3 id="koha">Koha</h3>
+
+<ul>
+<li><a href="http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22068">[22068]</a> Canceling article request should verify the request belongs to the borrower</li>
+<li><a href="http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22478">[22478]</a> Cross-site scripting vulnerability in paginations</li>
+<li><a href="http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22542">[22542]</a> Back browser should not allow to see other patrons details (see bug 5371)</li>
+<li><a href="http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22692">[22692]</a> Logging in via cardnumber circumvents account logout</li>
+</ul>
<h2 id="enhancements">Enhancements</h2>
<li><a href="mailto:indradg@l2c2.co.in">Indranil Das Gupta</a></li>
</ul></li>
<li>Packaging Manager: <a href="mailto:mirko@abunchofthings.net">Mirko Tietgen</a></li>
-<li>Documentation Manager: Caroline Cyr La Rose</li>
+<li>Documentation Manager: Caroline Cyr-La-Rose</li>
<li><p>Documentation Team:</p>
<ul>
<ul>
<li><a href="mailto:indradg@l2c2.co.in">Indranil Das Gupta</a></li>
-<li><a href="mailto:bgkriegel@gmail.com">Bernardo Gonzalez Kriegel</a></li>
+<li><a href="mailto:bgkriegel@gmail.com">Bernardo González Kriegel</a></li>
</ul></li>
<li><p>Wiki curators: </p>
<ul>
-<li>Caroline Cyr La Rose</li>
+<li>Caroline Cyr-La-Rose</li>
</ul></li>
<li>Release Maintainers:
<ul>
<li>Nick Clemens (3)</li>
<li>Jonathan Druart (4)</li>
<li>Katrin Fischer (6)</li>
-<li>Lucas Gass (5)</li>
+<li>Lucas Gass (6)</li>
<li>Owen Leonard (8)</li>
<li>Ere Maijala (1)</li>
<li>Hayley Mapley (5)</li>
<li>ACPL (8)</li>
<li>BibLibre (7)</li>
<li>BSZ BW (6)</li>
-<li>ByWater-Solutions (8)</li>
+<li>ByWater-Solutions (9)</li>
<li>Catalyst (5)</li>
<li>Coeur D'Alene Public Library (4)</li>
<li>Independant Individuals (3)</li>
<li>Nick Clemens (45)</li>
<li>Chris Cormack (4)</li>
<li>Michal Denar (3)</li>
-<li>Devinim (1)</li>
<li>Jonathan Druart (3)</li>
<li>Katrin Fischer (21)</li>
-<li>Lucas Gass (50)</li>
+<li>Lucas Gass (60)</li>
<li>Kyle Hall (4)</li>
<li>Owen Leonard (1)</li>
-<li>Lisette (3)</li>
<li>Ere Maijala (1)</li>
<li>Hayley Mapley (2)</li>
<li>Jose-Mario Monteiro-Santos (2)</li>
<li>Martin Renvoize (67)</li>
<li>David Roberts (1)</li>
<li>Marcel de Rooy (7)</li>
+<li>Lisette Scheer (3)</li>
<li>Maryse Simard (1)</li>
<li>Pierre-Marc Thibault (4)</li>
<li>Bin Wen (4)</li>
+<li>Mengü Yazıcıoğlu (1)</li>
</ul>
<p>We regret any omissions. If a contributor has been inadvertently missed,
</ul>
<p>The branch for this version of Koha and future bugfixes in this release
-line is rmain1805.</p>
+line is 18.05.x.</p>
<h2 id="bugsandfeaturerequests">Bugs and feature requests</h2>
<p>He rau ringa e oti ai.
(Many hands finish the work)</p>
-<p>Autogenerated release notes updated last on 29 Apr 2019 05:13:28.</p>
+<p>Autogenerated release notes updated last on 02 May 2019 12:42:22.</p>
projects / koha.git / blobdiff