Also, add pertinent release notes entry.
Signed-off-by: Dan Scott <dscott@laurentian.ca>
sub ils_version {
# version format is "x-y-z", for example "2-0-0" for Evergreen 2.0.0
# For branches, format is "x-y"
- return "2-1-4";
+ return "2-1-5";
}
__PACKAGE__->register_method(
);
INSERT INTO config.upgrade_log (version) VALUES ('0726'); -- denials
-INSERT INTO config.upgrade_log (version) VALUES ('2.1.4');
-INSERT INTO config.upgrade_log (version) VALUES ('2.1.3');
+INSERT INTO config.upgrade_log (version) VALUES ('2.1.5');
CREATE TABLE config.bib_source (
id SERIAL PRIMARY KEY,
;!define /file PRODUCT_VERSION "client/VERSION"
!define PRODUCT_TAG "2.1"
!define PRODUCT_INSTALL_TAG "${PRODUCT_TAG}"
-!define UI_IMAGESET "beta"
-;!define UI_IMAGESET "release"
+;!define UI_IMAGESET "beta"
+!define UI_IMAGESET "release"
!define PRODUCT_NAME "Evergreen Staff Client ${PRODUCT_TAG}"
!define PRODUCT_PUBLISHER "Evergreen Community"
!define PRODUCT_WEB_SITE "http://evergreen-ils.org/"
-README for Evergreen 2.1.4
+README for Evergreen 2.1.5
==========================
Preamble: referenced user accounts
[source, bash]
------------------------------------------------------------------------------
-wget -c http://evergreen-ils.org/downloads/previews/Evergreen-ILS-2.1.4.tar.gz
-tar xzf previews/Evergreen-ILS-2.1.4.tar.gz
+wget -c http://evergreen-ils.org/downloads/Evergreen-ILS-2.1.5.tar.gz
+tar xzf Evergreen-ILS-2.1.5.tar.gz
------------------------------------------------------------------------------
Preamble: Developer instructions
+
[source, bash]
------------------------------------------------------------------------------
-make STAFF_CLIENT_STAMP_ID=rel_2_1_4 install
+make STAFF_CLIENT_STAMP_ID=rel_2_1_5 install
------------------------------------------------------------------------------
+
2. The server portion of the staff client expects `http://hostname/xul/server`
Evergreen 2.1 release notes
===========================
+Upgrade notes
+-------------
+
+SQL injection fix
+~~~~~~~~~~~~~~~~~
+To prevent arbitrary SQL being executed, the names of savepoints are now
+sanitized in open-ils.pcrud and open-ils.cstore operations.
+
+Log Protect (redaction)
+~~~~~~~~~~~~~~~~~~~~~~~
+To prevent sensitive information such as passwords from being logged
+in general activity logs, add the following XML chunk to the bottom of
+`opensrf_core.xml`, just inside the `<config>` section:
+
+[source, xml]
+----------------------------------------------------------------
+ ...
+ </routers>
+ <shared> <!-- new block starts here -->
+ <log_protect>
+ <match_string>open-ils.auth.authenticate.verify</match_string>
+ <match_string>open-ils.auth.authenticate.complete</match_string>
+ <match_string>open-ils.auth_proxy.login</match_string>
+ <match_string>open-ils.actor.user.password</match_string>
+ <match_string>open-ils.actor.user.username</match_string>
+ <match_string>open-ils.actor.user.email</match_string>
+ <match_string>open-ils.actor.patron.update</match_string>
+ <match_string>open-ils.cstore.direct.actor.user.create</match_string>
+ <match_string>open-ils.cstore.direct.actor.user.update</match_string>
+ <match_string>open-ils.cstore.direct.actor.user.delete</match_string>
+ </log_protect>
+ </shared> <!-- new block ends here -->
+</config>
+----------------------------------------------------------------
+
Installation enhancements
-------------------------
* `eg_db_config.pl` now has a `--create-database` option to automatically create
export PATH=${PATH}:/usr/sbin
AC_PREREQ(2.61)
-AC_INIT(Open-ILS, 2.1.4, open-ils-dev@list.georgialibraries.org)
-AM_INIT_AUTOMAKE([OpenILS], [2.1.4])
+AC_INIT(Open-ILS, 2.1.5, open-ils-dev@list.georgialibraries.org)
+AM_INIT_AUTOMAKE([OpenILS], [2.1.5])
AC_REVISION($Revision: 0.1 $)
AC_CONFIG_SRCDIR([configure.ac])
AC_PREFIX_DEFAULT([/openils/])
projects / contrib / Conifer.git / commitdiff