[OPEN-ILS-DEV] Evergreen 2.4.3 / 2.3.11 release candidates uploaded / contain security fixes

Bill Erickson berick at esilibrary.com
Thu Oct 3 13:43:37 EDT 2013


Correction / clarification on the Apache change.

The full Apache configuration change should be:

<Location /standalone/>
    AuthType Basic
    AuthName "Standalone Mode Login"
    PerlOptions +GlobalRequest
    PerlSetVar OILSProxyPermissions "STAFF_LOGIN"
    PerlAuthenHandler OpenILS::WWW::Proxy::Authen
    require valid-user
    PerlSendHeader On
    allow from all
    SSLRequireSSL
</Location>

Note the addition of SSLRequireSSL.

This provides an added level of assurance the content is protected.
 However, SSLRequireSSL not be added until *after* the staff client has
been updated.

-b



On Thu, Oct 3, 2013 at 1:18 PM, Bill Erickson <berick at esilibrary.com> wrote:

> Hi All,
>
> Release candidates for Evergreen 2.4.3 and 2.3.11 have been uploaded to
> the Evergreen previews directory.
>
>
> These releases both contain security fixes.  As part of the upgrade,
> administrators should make the following configuration changes:
>
> 1.  Apply the following <match_string> addition to
> /openils/conf/opensrf_core.xml
>
> <match_string>open-ils.actor.patron.password_reset.commit</match_string>
>
> * This change should be made to any 2.3+ system, regardless of upgrade.
>
> Commit:
>
>
> http://git.evergreen-ils.org/?p=Evergreen.git;a=commit;h=e8d713ddb980400998e30884f3443221e1662d8e
>
>
> 2. Add the following configuration to /etc/apache2/eg_vhost.conf (path may
> vary)
>
> <Location /standalone/>
>     AuthType Basic
>     AuthName "Standalone Mode Login"
>     PerlOptions +GlobalRequest
>     PerlSetVar OILSProxyPermissions "STAFF_LOGIN"
>     PerlAuthenHandler OpenILS::WWW::Proxy::Authen
>     require valid-user
>     PerlSendHeader On
>     allow from all
> </Location>
>
> Commits:
>
>
> http://git.evergreen-ils.org/?p=Evergreen.git;a=commit;h=a97d5e0c87369a3ed9d23abf010ec368e8460e18
>
> http://git.evergreen-ils.org/?p=Evergreen.git;a=commit;h=a6e64bfe9ebd5d8512b490f757a09cf848e18805
>
> Release Candidate Files:
>
> http://evergreen-ils.org/downloads/previews/Evergreen-ILS-2.4.3.tar.gz
>
> http://evergreen-ils.org/downloads/previews/Evergreen-ILS-2.4.3.tar.gz.md5
>
> http://evergreen-ils.org/downloads/previews/evergreen-client-2.4.3_i686.tar.bz2
>
> http://evergreen-ils.org/downloads/previews/evergreen-client-2.4.3_i686.tar.bz2.md5
>
> http://evergreen-ils.org/downloads/previews/evergreen-client-2.4.3_x86_64.tar.bz2
>
> http://evergreen-ils.org/downloads/previews/evergreen-client-2.4.3_x86_64.tar.bz2.md5
> http://evergreen-ils.org/downloads/previews/evergreen-setup-2.4.3.exe
>
> http://evergreen-ils.org/downloads/previews/evergreen-setup-2.4.3.exe.md5
> http://evergreen-ils.org/downloads/previews/ChangeLog-2.4.2-2.4.3
> ~~~~
>
> http://evergreen-ils.org/downloads/previews/Evergreen-ILS-2.3.11.tar.gz
>
> http://evergreen-ils.org/downloads/previews/Evergreen-ILS-2.3.11.tar.gz.md5
>
> http://evergreen-ils.org/downloads/previews/evergreen-client-2.3.11_i686.tar.bz2
>
> http://evergreen-ils.org/downloads/previews/evergreen-client-2.3.11_i686.tar.bz2.md5
>
> http://evergreen-ils.org/downloads/previews/evergreen-client-2.3.11_x86_64.tar.bz2
>
> http://evergreen-ils.org/downloads/previews/evergreen-client-2.3.11_x86_64.tar.bz2.md5
> http://evergreen-ils.org/downloads/previews/evergreen-setup-2.3.11.exe
>
> http://evergreen-ils.org/downloads/previews/evergreen-setup-2.3.11.exe.md5
> http://evergreen-ils.org/downloads/previews/ChangeLog-2.3.10-2.3.11
>
>
> Testing and feedback are appreciated, as always.
>
> Thanks,
>
> -b
>
> --
> Bill Erickson
> | Senior Software Developer
> | phone: 877-OPEN-ILS (673-6457)
> | email: berick at esilibrary.com
> | web: http://esilibrary.com
> | Equinox Software, Inc. / The Open Source Experts
>
>


-- 
Bill Erickson
| Senior Software Developer
| phone: 877-OPEN-ILS (673-6457)
| email: berick at esilibrary.com
| web: http://esilibrary.com
| Equinox Software, Inc. / The Open Source Experts
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://libmail.georgialibraries.org/pipermail/open-ils-dev/attachments/20131003/79065ec3/attachment-0001.htm>


More information about the Open-ils-dev mailing list