[open-ils-commits] [GIT] Evergreen ILS branch master updated. 6c8a0705fe84eaa926feb64a411236d98c10354b

Evergreen Git git at git.evergreen-ils.org
Fri Apr 10 10:49:48 EDT 2015


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".

The branch, master has been updated
       via  6c8a0705fe84eaa926feb64a411236d98c10354b (commit)
       via  9cc10e9f181b83e1c8fe1f8e08f726bcf63b83aa (commit)
       via  55555b7de4922e03ca93eec50dff391bf5862464 (commit)
      from  21a5a968d5bdc486267e7bef41a1158735d66bf0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 6c8a0705fe84eaa926feb64a411236d98c10354b
Author: Ben Shum <bshum at biblio.org>
Date:   Fri Apr 10 10:48:43 2015 -0400

    Docs: Update 2.8 RELEASE NOTES to include new Bug Fixes section
    
    Signed-off-by: Ben Shum <bshum at biblio.org>

diff --git a/docs/RELEASE_NOTES_2_8.txt b/docs/RELEASE_NOTES_2_8.txt
index 4fbbfa9..fc21612 100644
--- a/docs/RELEASE_NOTES_2_8.txt
+++ b/docs/RELEASE_NOTES_2_8.txt
@@ -338,8 +338,8 @@ displays better on mobile devices.
 
 
 
-Miscellaneous
--------------
+Bug Fixes
+---------
 
 IMPORTANT SECURITY INFORMATION
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
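
Review bot: Renaming the heading from "Miscellaneous" to "Bug Fixes" relabels everything that sat under the old heading, and the only entry visible in this hunk is IMPORTANT SECURITY INFORMATION. Check that no non-fix entries remain under the renamed section, and consider giving the security notice its own top-level section so it is not read as a routine bug fix.
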
@@ -351,6 +351,40 @@ information.  If you are running a vulnerable release of Evergreen you
 are *strongly* encouraged to upgrade to a non-vulnerable release as
 soon as possible.
 
+Set resource limits for Clark Kent
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Several parameters are now available for the reporter daemon process
+(`clark-kent.pl`) to control resource usage.  These can be used to
+reduce the chances that a malformed report can cause indigestion
+on a database or reports server.  The new parameters, which can be
+set in `opensrf.xml` or as command-line switches for `clark-kent.pl` are
+
+* `//reporter/setup/statement_timeout` / `--statement-timeout`
+
+Number of minutes to allow a report's underlying SQL query
+to run before it gets cancelled.  Default value is
+60 minutes.  If a report's query gets cancelled, the
+error_text value will be set to a valid that indicates that
+the allowed time was exceeded.
+
+* `//reporter/setup/max_rows_for_charts` / `--max-rows-for-charts`
+
+Number of rows permitted in the query's output before
+Clark Kent refuses to attempt to draw a graph. Default
+value is 1,000 rows.
+
+* `//reporter/setup/resultset_limit` / `--resultset-limit`
+
+If set, truncates the report's output to the specified
+number of hits.  Note that it will not be apparent
+to a staff user if the report's output has been
+truncated.  Default value is unlimited.
+
+The report concurrency (i.e., the number of reports that Clark
+Kent will run in parallel) can now also be controlled via
+the `opensrf.xml` setting `//reporter/setup/parallel`.
+
+
 Acknowledgments
 ---------------
 The Evergreen project would like to acknowledge the following
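
Review bot: In the `statement_timeout` description, "error_text value will be set to a valid that indicates" has a typo and should read "set to a value that indicates". The sentence that introduces the list ("command-line switches for `clark-kent.pl` are") also needs a closing colon, and the two trailing blank `+` lines before "Acknowledgments" can be reduced to one.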

commit 9cc10e9f181b83e1c8fe1f8e08f726bcf63b83aa
Author: Ben Shum <bshum at biblio.org>
Date:   Fri Apr 10 10:43:31 2015 -0400

    Docs: Move security bug fix note into the Bug Fixes area of 2.7 RELEASE NOTES
    
    Signed-off-by: Ben Shum <bshum at biblio.org>

diff --git a/docs/RELEASE_NOTES_2_7.txt b/docs/RELEASE_NOTES_2_7.txt
index 49f3c36..12d3bef 100644
--- a/docs/RELEASE_NOTES_2_7.txt
+++ b/docs/RELEASE_NOTES_2_7.txt
@@ -379,6 +379,16 @@ http://sitemaps.org specification, including:
 Bug Fixes
 ---------
 
+IMPORTANT SECURITY INFORMATION
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+A serious security flaw that allows unauthorized remote access to
+organizational unit settings is fixed in the following releases of
+Evergreen: 2.5.9, 2.6.7, and 2.7.4.  All prior releases of Evergreen
+are vulnerable to exploitation of this flaw to reveal sensitive system
+information.  If you are running a vulnerable release of Evergreen you
+are *strongly* encouraged to upgrade to a non-vulnerable release as
+soon as possible.
+
 Set resource limits for Clark Kent
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Several parameters are now available for the reporter daemon process
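
Review bot: The added notice names the fixed releases (2.5.9, 2.6.7, and 2.7.4) but gives no bug reference or link, so an administrator cannot identify which fix to verify or backport. Add the tracker reference after "soon as possible." Because this paragraph repeats the wording of the notice in RELEASE_NOTES_2_8.txt, any later correction has to be made in both files.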

commit 55555b7de4922e03ca93eec50dff391bf5862464
Author: Ben Shum <bshum at biblio.org>
Date:   Fri Apr 10 10:38:45 2015 -0400

    Docs: Start a new section for bug fixes for 2.7 series
    
    And pull in the reporter changes here.
    
    Signed-off-by: Ben Shum <bshum at biblio.org>

diff --git a/docs/RELEASE_NOTES_2_7.txt b/docs/RELEASE_NOTES_2_7.txt
index dcdb7b4..49f3c36 100644
--- a/docs/RELEASE_NOTES_2_7.txt
+++ b/docs/RELEASE_NOTES_2_7.txt
@@ -376,6 +376,42 @@ http://sitemaps.org specification, including:
 * generating a sitemap index file that points to each of the sitemap files.
 
 
+Bug Fixes
+---------
+
+Set resource limits for Clark Kent
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Several parameters are now available for the reporter daemon process
+(`clark-kent.pl`) to control resource usage.  These can be used to
+reduce the chances that a malformed report can cause indigestion
+on a database or reports server.  The new parameters, which can be
+set in `opensrf.xml` or as command-line switches for `clark-kent.pl` are
+
+* `//reporter/setup/statement_timeout` / `--statement-timeout`
+
+Number of minutes to allow a report's underlying SQL query
+to run before it gets cancelled.  Default value is
+60 minutes.  If a report's query gets cancelled, the
+error_text value will be set to a valid that indicates that
+the allowed time was exceeded.
+
+* `//reporter/setup/max_rows_for_charts` / `--max-rows-for-charts`
+
+Number of rows permitted in the query's output before
+Clark Kent refuses to attempt to draw a graph. Default
+value is 1,000 rows.
+
+* `//reporter/setup/resultset_limit` / `--resultset-limit`
+
+If set, truncates the report's output to the specified
+number of hits.  Note that it will not be apparent
+to a staff user if the report's output has been
+truncated.  Default value is unlimited.
+
+The report concurrency (i.e., the number of reports that Clark
+Kent will run in parallel) can now also be controlled via
+the `opensrf.xml` setting `//reporter/setup/parallel`.
+
 
 Acknowledgments
 ---------------
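
Review bot: The `resultset_limit` paragraph says truncation "will not be apparent to a staff user" but does not say how anyone can tell a truncated report from a complete one. Add a sentence stating whether the truncation is recorded anywhere, or advise leaving the limit unset for reports whose totals matter. The "set to a valid that indicates" typo in the `statement_timeout` paragraph was carried over from the deleted RELEASE_NOTES_NEXT file and should be fixed here as well.
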
diff --git a/docs/RELEASE_NOTES_NEXT/Administration/set_resource_limits_for_reporter.txt b/docs/RELEASE_NOTES_NEXT/Administration/set_resource_limits_for_reporter.txt
deleted file mode 100644
index 9c04c95..0000000
--- a/docs/RELEASE_NOTES_NEXT/Administration/set_resource_limits_for_reporter.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-Set resource limits for Clark Kent
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-Several parameters are now available for the reporter daemon process
-(`clark-kent.pl`) to control resource usage.  These can be used to
-reduce the chances that a malformed report can cause indigestion
-on a database or reports server.  The new parameters, which can be
-set in `opensrf.xml` or as command-line switches for `clark-kent.pl` are
-
-* `//reporter/setup/statement_timeout` / `--statement-timeout`
-
-Number of minutes to allow a report's underlying SQL query
-to run before it gets cancelled.  Default value is
-60 minutes.  If a report's query gets cancelled, the
-error_text value will be set to a valid that indicates that
-the allowed time was exceeded.
-
-* `//reporter/setup/max_rows_for_charts` / `--max-rows-for-charts`
-
-Number of rows permitted in the query's output before
-Clark Kent refuses to attempt to draw a graph. Default
-value is 1,000 rows.
-
-* `//reporter/setup/resultset_limit` / `--resultset-limit`
-
-If set, truncates the report's output to the specified
-number of hits.  Note that it will not be apparent
-to a staff user if the report's output has been
-truncated.  Default value is unlimited.
-
-The report concurrency (i.e., the number of reports that Clark
-Kent will run in parallel) can now also be controlled via
-the `opensrf.xml` setting `//reporter/setup/parallel`.

-----------------------------------------------------------------------

Summary of changes:
 docs/RELEASE_NOTES_2_7.txt                         |   46 ++++++++++++++++++++
 docs/RELEASE_NOTES_2_8.txt                         |   38 +++++++++++++++-
 .../set_resource_limits_for_reporter.txt           |   32 --------------
 3 files changed, 82 insertions(+), 34 deletions(-)
 delete mode 100644 docs/RELEASE_NOTES_NEXT/Administration/set_resource_limits_for_reporter.txt


hooks/post-receive
-- 
Evergreen ILS

