https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37724
Michał <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] | |om --- Comment #21 from Michał <[email protected]> --- I do agree that showing off the major version by default with the option to disable it would be a reasonable compromise. The major version is much easier to figure out by the assets and not having it there is sad for e.g. analytical purposes, it's really interesting to see what versions of Koha are deployed throughout the country, how actively do they follow the community updates etc. There is some merit to hiding it completely like mentioned around the Shodan scan, but I think if someone develops an exploit and tests privately that it works, they'll be more likely to just enlist all Koha instances out there in the wild and just attempt all anyway, it's not like there's that many of them either. At most I feel like they'd exclude the new ones rather than excluding the unknown ones. With that said, hiding only the minor version would at least definitely hide whether it's a security-patched version already or not yet there, so this might be a sensible default. If the default remains all hidden, community-maintained pages like this will lose a lot of their merit: https://pl.wiki.bibliotekaaik.pl/view/Koha -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
