http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=2847
--- Comment #6 from Chris Nighswonger <[email protected]> 2011-11-23 13:07:05 UTC --- (In reply to comment #5) > is it just a problem on 3.4 ? it's OK for 3.6 ? > In this case, I think we can stay without this fix in 3.4 : it's a security > issue, I agree, but: > * it's staff related, so, to exploit such a bug, one would first need to have > a > valid login, so, the risk is low according to me. IMHO any security issue should be backported into any currently maintained branch. > * 3.4 EOL is probably close Not as close as we might imagine. As long as commits will apply, I plan on keeping 3.4.x alive until we reach a year from 3.6.x release. -- Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
