At 10:32 AM 1/21/2014 -0800, Galen Charlton wrote:
Hi,
I have uploaded [1] version 1.0.2 of MARC::File::XML, a Perl module
which is used by Koha. This is a security release that repairs an XML
external entity (XXE) vulnerability. [snip]
Hi Galen - I've been keeping an eye open for this release for Ubuntu 12.04
LTS. After an 'update' I felt fairly comfortable as it showed 1.0.2, but
digging deeper, I find:
me@hardy:/$ sudo apt-cache show libmarc-xml-perl
Package: libmarc-xml-perl
Version: 1.0.2-1koha1
Architecture: all
Maintainer: Robin Sheat <ro...@catalyst.net.nz>
[snip]
Package: libmarc-xml-perl
Priority: optional
Section: universe/perl
Installed-Size: 108
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Original-Maintainer: Debian Perl Group
<pkg-perl-maintain...@lists.alioth.debian.org>
Architecture: all
Version: 0.92-1
[snip]
Could you please advise on 1.0.2 versus 0.92-1 -- the devil is always in
the details.
btw, it updated the sandbox seamlessly; as soon as I can find a cataloguer
to "give it a whirl", I'll do the production box -- unless you can point me
to any particular detail that would verify full functionality.
Many thanks and best regards -- Paul
_______________________________________________
Koha mailing list http://koha-community.org
Koha@lists.katipo.co.nz
http://lists.katipo.co.nz/mailman/listinfo/koha
