Update release notes with security bugs

[koha.git] / misc / release_notes / release_notes_18_05_12.md

diff --git a/misc/release_notes/release_notes_18_05_12.md b/misc/release_notes/release_notes_18_05_12.md
index 05d899d..c9a3f16 100644 (file)
--- a/misc/release_notes/release_notes_18_05_12.md
+++ b/misc/release_notes/release_notes_18_05_12.md
@@ -17,11 +17,19 @@ Installation instructions can be found at:
 - [Koha Wiki](http://wiki.koha-community.org/wiki/Installation_Documentation)
 - OR in the INSTALL files that come in the tarball
 
-Koha 18.05.12 is a bugfix/maintenance release.
+Koha 18.05.12 is a bugfix/maintenance release with security fixes.
 
-It includes 1 enhancements, 31 bugfixes.
+It includes 4 security fixes, 1 enhancements, 31 bugfixes.
 
 
+## Security bugs
+
+### Koha
+
+- [[22068]](http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22068) Canceling article request should verify the request belongs to the borrower
+- [[22478]](http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22478) Cross-site scripting vulnerability in paginations
+- [[22542]](http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22542) Back browser should not allow to see other patrons details (see bug 5371)
+- [[22692]](http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22692) Logging in via cardnumber circumvents account logout
 
 
 ## Enhancements
@@ -241,17 +249,17 @@ The release team for Koha 18.05.12 is
   - Jon Knight
   - [Indranil Das Gupta](mailto:indradg@l2c2.co.in)
 - Packaging Manager: [Mirko Tietgen](mailto:mirko@abunchofthings.net)
-- Documentation Manager: Caroline Cyr La Rose
+- Documentation Manager: Caroline Cyr-La-Rose
 - Documentation Team:
   - David Nind
   - Lucy Vaux-Harvey
 
 - Translation Managers: 
   - [Indranil Das Gupta](mailto:indradg@l2c2.co.in)
-  - [Bernardo Gonzalez Kriegel](mailto:bgkriegel@gmail.com)
+  - [Bernardo González Kriegel](mailto:bgkriegel@gmail.com)
 
 - Wiki curators: 
-  - Caroline Cyr La Rose
+  - Caroline Cyr-La-Rose
 - Release Maintainers:
   - 18.11 -- [Martin Renvoize](mailto:martin.renvoize@ptfs-europe.com)
   - 18.05 -- Lucas Gass
@@ -276,7 +284,7 @@ We thank the following individuals who contributed patches to Koha 18.05.12.
 - Nick Clemens (3)
 - Jonathan Druart (4)
 - Katrin Fischer (6)
-- Lucas Gass (5)
+- Lucas Gass (6)
 - Owen Leonard (8)
 - Ere Maijala (1)
 - Hayley Mapley (5)
@@ -296,7 +304,7 @@ patches to Koha 18.05.12
 - ACPL (8)
 - BibLibre (7)
 - BSZ BW (6)
-- ByWater-Solutions (8)
+- ByWater-Solutions (9)
 - Catalyst (5)
 - Coeur D'Alene Public Library (4)
 - Independant Individuals (3)
@@ -317,13 +325,11 @@ for Koha.
 - Nick Clemens (45)
 - Chris Cormack (4)
 - Michal Denar (3)
-- Devinim (1)
 - Jonathan Druart (3)
 - Katrin Fischer (21)
-- Lucas Gass (50)
+- Lucas Gass (60)
 - Kyle Hall (4)
 - Owen Leonard (1)
-- Lisette (3)
 - Ere Maijala (1)
 - Hayley Mapley (2)
 - Jose-Mario Monteiro-Santos (2)
@@ -333,9 +339,11 @@ for Koha.
 - Martin Renvoize (67)
 - David Roberts (1)
 - Marcel de Rooy (7)
+- Lisette Scheer (3)
 - Maryse Simard (1)
 - Pierre-Marc Thibault (4)
 - Bin Wen (4)
+- Mengü Yazıcıoğlu (1)
 
 
 
@@ -351,7 +359,7 @@ version of Koha can be retrieved by checking out the master branch of:
 - [Koha Git Repository](git://git.koha-community.org/koha.git)
 
 The branch for this version of Koha and future bugfixes in this release
-line is rmain1805.
+line is 18.05.x.
 
 ## Bugs and feature requests
 
@@ -363,4 +371,4 @@ tracker at:
 He rau ringa e oti ai.
 (Many hands finish the work)
 
-Autogenerated release notes updated last on 29 Apr 2019 05:13:28.
+Autogenerated release notes updated last on 02 May 2019 12:42:22.