At 06:27 PM 12/1/2014 -0300, Larry Letelier wrote:
Hi Liz, Everybody:
Carlos publish the issue here: http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13367
And I get a great big, red "You are not authorized to access bug #13367" even after I log in... Best -- Paul
Thanks to all, --LL
On Mon, Dec 1, 2014 at 5:27 PM, Liz Rea <liz@catalyst.net.nz> wrote:
Hi Larry,
If you wouldn't mind filing your results in a security bug at http://koha-community.org/security/ (the big blue link at the top of that page) it would be very helpful.
Thanks for reporting your results to us!
Cheers, Liz Rea
Hi guys,
In a Security scan test, Koha appears with some issues related to CSRF attacks, we have 3.16 and we are trying with git-bz, but i dont know if
On 01/12/14 20:17, Larry Letelier N. wrote: that is the right way and how that versión is related with git-bz.
Any clue?
Thanks in advance, -LL
_______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha
-- -- Liz Rea Catalyst.Net Limited Level 6, Catalyst House, 150 Willis Street, Wellington. P.O Box 11053, Manners Street, Wellington 6142
GPG: B149 A443 6B01 7386 C2C7 F481 B6c2 A49D 3726 38B7
_______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha
-- *-- Larry Letelier N.* *F: **+56 2 3205 2737* *F: **+56 9 7589 6842* _______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha
Paul A schreef op ma 01-12-2014 om 20:41 [-0500]:
And I get a great big, red "You are not authorized to access bug #13367" even after I log in...
That's because it's a security issue, and you're not allowed to see them. Not just you, but anyone not in the security groups, which tends to correspond with those who need to be involved in organising an out-of-sequence release to deal with serious security issues. -- Robin Sheat Catalyst IT Ltd. ✆ +64 4 803 2204 GPG: 5FA7 4B49 1E4D CAA4 4C38 8505 77F5 B724 F871 3BDF
Thanks Robin for clarify On Mon, Dec 1, 2014 at 10:53 PM, Robin Sheat <robin@catalyst.net.nz> wrote:
Paul A schreef op ma 01-12-2014 om 20:41 [-0500]:
And I get a great big, red "You are not authorized to access bug #13367" even after I log in...
That's because it's a security issue, and you're not allowed to see them.
Not just you, but anyone not in the security groups, which tends to correspond with those who need to be involved in organising an out-of-sequence release to deal with serious security issues.
-- Robin Sheat Catalyst IT Ltd. ✆ +64 4 803 2204 GPG: 5FA7 4B49 1E4D CAA4 4C38 8505 77F5 B724 F871 3BDF
_______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha
-- *-- Larry Letelier N.* *F: **+56 2 3205 2737* *F: **+56 9 7589 6842*
participants (3)
-
Larry Letelier -
Paul A -
Robin Sheat