<li>OR in the INSTALL files that come in the tarball</li>
</ul>
-<p>Koha 18.05.12 is a bugfix/maintenance release.</p>
+<p>Koha 18.05.12 is a bugfix/maintenance release with security fixes.</p>
-<p>It includes 1 enhancements, 31 bugfixes.</p>
+<p>It includes 4 security fixes, 1 enhancements, 31 bugfixes.</p>
+
+<h2 id="securitybugs">Security bugs</h2>
+
+<h3 id="koha">Koha</h3>
+
+<ul>
+<li><a href="http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22068">[22068]</a> Canceling article request should verify the request belongs to the borrower</li>
+<li><a href="http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22478">[22478]</a> Cross-site scripting vulnerability in paginations</li>
+<li><a href="http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22542">[22542]</a> Back browser should not allow to see other patrons details (see bug 5371)</li>
+<li><a href="http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22692">[22692]</a> Logging in via cardnumber circumvents account logout</li>
+</ul>
<h2 id="enhancements">Enhancements</h2>
<li><a href="mailto:indradg@l2c2.co.in">Indranil Das Gupta</a></li>
</ul></li>
<li>Packaging Manager: <a href="mailto:mirko@abunchofthings.net">Mirko Tietgen</a></li>
-<li>Documentation Manager: Caroline Cyr La Rose</li>
+<li>Documentation Manager: Caroline Cyr-La-Rose</li>
<li><p>Documentation Team:</p>
<ul>
<ul>
<li><a href="mailto:indradg@l2c2.co.in">Indranil Das Gupta</a></li>
-<li><a href="mailto:bgkriegel@gmail.com">Bernardo Gonzalez Kriegel</a></li>
+<li><a href="mailto:bgkriegel@gmail.com">Bernardo González Kriegel</a></li>
</ul></li>
<li><p>Wiki curators: </p>
<ul>
-<li>Caroline Cyr La Rose</li>
+<li>Caroline Cyr-La-Rose</li>
</ul></li>
<li>Release Maintainers:
<ul>
<li>Nick Clemens (3)</li>
<li>Jonathan Druart (4)</li>
<li>Katrin Fischer (6)</li>
-<li>Lucas Gass (5)</li>
+<li>Lucas Gass (6)</li>
<li>Owen Leonard (8)</li>
<li>Ere Maijala (1)</li>
<li>Hayley Mapley (5)</li>
<li>ACPL (8)</li>
<li>BibLibre (7)</li>
<li>BSZ BW (6)</li>
-<li>ByWater-Solutions (8)</li>
+<li>ByWater-Solutions (9)</li>
<li>Catalyst (5)</li>
<li>Coeur D'Alene Public Library (4)</li>
<li>Independant Individuals (3)</li>
<li>Nick Clemens (45)</li>
<li>Chris Cormack (4)</li>
<li>Michal Denar (3)</li>
-<li>Devinim (1)</li>
<li>Jonathan Druart (3)</li>
<li>Katrin Fischer (21)</li>
-<li>Lucas Gass (50)</li>
+<li>Lucas Gass (60)</li>
<li>Kyle Hall (4)</li>
<li>Owen Leonard (1)</li>
-<li>Lisette (3)</li>
<li>Ere Maijala (1)</li>
<li>Hayley Mapley (2)</li>
<li>Jose-Mario Monteiro-Santos (2)</li>
<li>Martin Renvoize (67)</li>
<li>David Roberts (1)</li>
<li>Marcel de Rooy (7)</li>
+<li>Lisette Scheer (3)</li>
<li>Maryse Simard (1)</li>
<li>Pierre-Marc Thibault (4)</li>
<li>Bin Wen (4)</li>
+<li>Mengü Yazıcıoğlu (1)</li>
</ul>
<p>We regret any omissions. If a contributor has been inadvertently missed,
</ul>
<p>The branch for this version of Koha and future bugfixes in this release
-line is rmain1805.</p>
+line is 18.05.x.</p>
<h2 id="bugsandfeaturerequests">Bugs and feature requests</h2>
<p>He rau ringa e oti ai.
(Many hands finish the work)</p>
-<p>Autogenerated release notes updated last on 29 Apr 2019 05:13:28.</p>
+<p>Autogenerated release notes updated last on 02 May 2019 12:42:22.</p>
- [Koha Wiki](http://wiki.koha-community.org/wiki/Installation_Documentation)
- OR in the INSTALL files that come in the tarball
-Koha 18.05.12 is a bugfix/maintenance release.
+Koha 18.05.12 is a bugfix/maintenance release with security fixes.
-It includes 1 enhancements, 31 bugfixes.
+It includes 4 security fixes, 1 enhancements, 31 bugfixes.
+## Security bugs
+
+### Koha
+
+- [[22068]](http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22068) Canceling article request should verify the request belongs to the borrower
+- [[22478]](http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22478) Cross-site scripting vulnerability in paginations
+- [[22542]](http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22542) Back browser should not allow to see other patrons details (see bug 5371)
+- [[22692]](http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22692) Logging in via cardnumber circumvents account logout
## Enhancements
- Jon Knight
- [Indranil Das Gupta](mailto:indradg@l2c2.co.in)
- Packaging Manager: [Mirko Tietgen](mailto:mirko@abunchofthings.net)
-- Documentation Manager: Caroline Cyr La Rose
+- Documentation Manager: Caroline Cyr-La-Rose
- Documentation Team:
- David Nind
- Lucy Vaux-Harvey
- Translation Managers:
- [Indranil Das Gupta](mailto:indradg@l2c2.co.in)
- - [Bernardo Gonzalez Kriegel](mailto:bgkriegel@gmail.com)
+ - [Bernardo González Kriegel](mailto:bgkriegel@gmail.com)
- Wiki curators:
- - Caroline Cyr La Rose
+ - Caroline Cyr-La-Rose
- Release Maintainers:
- 18.11 -- [Martin Renvoize](mailto:martin.renvoize@ptfs-europe.com)
- 18.05 -- Lucas Gass
- Nick Clemens (3)
- Jonathan Druart (4)
- Katrin Fischer (6)
-- Lucas Gass (5)
+- Lucas Gass (6)
- Owen Leonard (8)
- Ere Maijala (1)
- Hayley Mapley (5)
- ACPL (8)
- BibLibre (7)
- BSZ BW (6)
-- ByWater-Solutions (8)
+- ByWater-Solutions (9)
- Catalyst (5)
- Coeur D'Alene Public Library (4)
- Independant Individuals (3)
- Nick Clemens (45)
- Chris Cormack (4)
- Michal Denar (3)
-- Devinim (1)
- Jonathan Druart (3)
- Katrin Fischer (21)
-- Lucas Gass (50)
+- Lucas Gass (60)
- Kyle Hall (4)
- Owen Leonard (1)
-- Lisette (3)
- Ere Maijala (1)
- Hayley Mapley (2)
- Jose-Mario Monteiro-Santos (2)
- Martin Renvoize (67)
- David Roberts (1)
- Marcel de Rooy (7)
+- Lisette Scheer (3)
- Maryse Simard (1)
- Pierre-Marc Thibault (4)
- Bin Wen (4)
+- Mengü Yazıcıoğlu (1)
- [Koha Git Repository](git://git.koha-community.org/koha.git)
The branch for this version of Koha and future bugfixes in this release
-line is rmain1805.
+line is 18.05.x.
## Bugs and feature requests
He rau ringa e oti ai.
(Many hands finish the work)
-Autogenerated release notes updated last on 29 Apr 2019 05:13:28.
+Autogenerated release notes updated last on 02 May 2019 12:42:22.
projects / koha.git / commitdiff