:toc:
:numbered:
+Evergreen 2.10.11
+-----------------
+
+This release contains several bug fixes improving on Evergreen 2.10.10.
+
+* A fix to avoid fetching and creating EDI message entries that the
+system cannot parse.
+* A fix to prevent staff users from marking a long overdue item as lost
+so that the patron will not be billed twice for the same item.
+* A fix to the link that is used on the catalog's Library Info page so
+that links with anchors can be successfully retrieved.
+* A replacement for the blank fallback image used when the catalog cannot
+retrieve an added content book cover.
+* An EDI fix that prevents EDI fetcher from crashing when the vendor
+supplies a zero-length file.
+* A fix to an issue where adjusting a bill to zero for a current checkout
+prematurely closes the transaction.
+* A fix to encoding problems in MODS output. These problems caused issues
+when using Zotero with records in the catalog.
+* A fix that marks a hold as fulfilled when staff check out a hold-
+captured item for a hold whose expire time is in the past.
+* A change to the acquisitions funding source funds drop down menu so that
+the menu will now only display active funds and will also display the
+year alongside the fund.
+* A fix to a problem where the Current Bills tab of the patron record
+showed duplicate charges when a check in was done from the Items Out tab.
+* A fix that hides the option to add to My Lists from the staff client since this functionality does not work as expected in the staff client.
+* A change to the fund year selectors in acq interfaces so that the years
+are sorted in descending order.
+* A fix to a billing issue where transactions were not re-opened after
+they acquired a non-zero balance at check in.
+
+Acknowledgements
+~~~~~~~~~~~~~~
+We would like to thank the following individuals who contributed code,
+testing and documentation patches to the 2.10.11 point release of
+Evergreen:
+
+* Jason Boyer
+* Galen Charlton
+* Jeff Davis
+* Bill Erickson
+* Jason Etheridge
+* Kathy Lussier
+* Christine Morgan
+* Michele Morgan
+* Terran McCanna
+* Jane Sandberg
+* Jonathan Schatz
+* Dan Scott
+* Ben Shum
+* Remington Steed
+* Dan Wells
+* Bob Wicksall
+
+Evergreen 2.10.10
+-----------------
+This is a security release that also contains several other bug fixes improving
+on Evergreen 2.10.9. All users of Evergreen 2.10.x are recommended to upgrade
+to 2.10.10 as soon as possible.
+
+Security Issue: Credit Processor Stripe Settings Permissions
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Unprivileged users can retrieve organizational unit setting values for
+setting types lacking a "view" permission. When the feature adding
+Stripe credit card processing was added, the upgrade script neglected
+to add the VIEW_CREDIT_CARD_PROCESSING permission to the
+organizational unit setting type. This means that anyone can retrieve
+and view the settings for Stripe credit card processing.
+
+Any system that upgraded from Evergreen version 2.5 to 2.6 is
+affected. If you use Stripe for credit card processing, it is
+strongly recommended that you apply this upgrade. Even if you do not
+use Stripe, applying this upgrade is still recommended. If you did
+not upgrade from version 2.5 to 2.6 of Evergreen, but started with a
+later version, applying this upgrade is harmless.
+
+If you are not ready to perform a full upgrade, and if you use Stripe,
+you can protect the settings by running the following two SQL statements:
+
+[source,sql]
+----
+UPDATE config.org_unit_setting_type
+ SET view_perm = (SELECT id FROM permission.perm_list
+ WHERE code = 'VIEW_CREDIT_CARD_PROCESSING' LIMIT 1)
+ WHERE name LIKE 'credit.processor.stripe%' AND view_perm IS NULL;
+
+UPDATE config.org_unit_setting_type
+ SET update_perm = (SELECT id FROM permission.perm_list
+ WHERE code = 'ADMIN_CREDIT_CARD_PROCESSING' LIMIT 1)
+ WHERE name LIKE 'credit.processor.stripe%' AND update_perm IS NULL;
+----
+
+Other Fixes
+~~~~~~~~~
+Evergreen 2.10.10 also contains the following bug fixes:
+
+* A fix to correctly apply floating group settings when performing
+no-op checkins.
+* A fix to the HTML coding of the temporary lists page.
+* A fix of a problem where certain kinds of requests of information
+about the organizational unit hierarchy to consume all available
+`open-ils.cstore` backends.
+* A fix to allow staff to use the 'place another hold' link without
+running into a user interface loop.
+* A fix to the 'Edit Due Date' form in the web staff client.
+* A fix to sort billing types and non-barcoded item types in alphabetical
+order in the web staff client.
+* A fix to the 'return to grouped search results' link in the public
+catalog.
+* A fix to allow pre-cat checkouts in the web staff client without requiring
+a circulation modifier.
+* Other typo and documentation fixes.
+
+Acknowledgements
+~~~~~~~~~~~~~~
+We would like to thank the following individuals who contributed code,
+testing and documentation patches to the 2.10.10 point release of
+Evergreen:
+
+* Ben Shum
+* Bill Erickson
+* Blake Henderson
+* Chris Sharp
+* Christine Burns
+* Galen Charlton
+* Jane Sandberg
+* Jason Stephenson
+* Jeanette Lundgren
+* Josh Stompro
+* Kathy Lussier
+* Kyle Huckins
+* Mike Rylander
+
Evergreen 2.10.9
----------------
-This release contains several bugfixes improving on Evergreen 2.10.8
+This release contains several bug fixes improving on Evergreen 2.10.8
* A fix to the web client patron interface that changed the holds count in the
patron summary from total / available to available / total.
Evergreen 2.10.8
----------------
-This release contains several bugfixes improving on Evergreen 2.10.7
+This release contains several bug fixes improving on Evergreen 2.10.7
* A fix to that provides alphabetical sorting to the fund selector in
the Acquisitions Selection List -> Copies interface.
Evergreen 2.10.7
----------------
-This release contains several bugfixes improving on Evergreen 2.10.6.
+This release contains several bug fixes improving on Evergreen 2.10.6.
* When adding a price to the Acquisitions Brief Record price field, it will
now propogate to the lineitem estimated price field.
Evergreen 2.10.6
----------------
-This release contains bugfixes improving on Evergreen 2.10.5.
+This release contains bug fixes improving on Evergreen 2.10.5.
Add Date Header to Action Trigger Email/SMS Templates
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
And this line should be inserted into the header block of each template:
`Date: [%- date.format(date.now, '%a, %d %b %Y %T -0000', gmt => 1) %]`
-Other Bugfixes
-~~~~~~~~~~~~~~
+Other Bug Fixes
+~~~~~~~~~~~~~~~
* Prorating invoice charges now works again.
* The claims never checked out counter on the patron record is now
incremented correctly when marking a lost loan as
Evergreen 2.10.5
----------------
-This release contains bugfixes improving on Evergreen 2.10.4
+This release contains bug fixes improving on Evergreen 2.10.4
* Fixes SIP2 failures with patron information messages when a
patron has one or more blocking penalties that are not otherwise
Evergreen 2.10.4
----------------
-This release contains bugfixes improving on Evergreen 2.10.3
+This release contains bug fixes improving on Evergreen 2.10.3
* Fixes the responsive view of the My Account Items Out screen so that Title and
Author are now in separate columns.
Evergreen 2.10.3
----------------
-This release contains bugfixes improving on Evergreen 2.10.2:
+This release contains bug fixes improving on Evergreen 2.10.2:
* Fixes a critical bug where a newly-registered patron record could
not be used to log in to Evergreen using the password supplied during
Evergreen 2.10.2
----------------
-This release contains several bugfixes improving on Evergreen 2.10.1
+This release contains several bug fixes improving on Evergreen 2.10.1
* Fixes a bug where phrase searching in the catalog failed when the phrase
started or ended with punctuation.
each facet field". The default limit value is 1,000, but lower values
(e.g., 100) are perhaps even better for most catalogs.
-Significant bugfixes
-~~~~~~~~~~~~~~~~~~~~
+Significant bug fixes
+~~~~~~~~~~~~~~~~~~~~~
Add acquisitions cancel reason 85 for Baker & Taylor EDI
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
projects / Evergreen.git / commitdiff