2011/11/27 Frère Sébastien <[email protected]>: > On Sat, Nov 26, 2011 at 04:19:26PM -0500, Jared Camins-Esakov wrote: >> >> Can't call method "cookie" on an undefined value at /home/jcamins/k >> ohaclone/C4/Templates.pm line 323 >> > > The patch (9a4e9e54f26b0c1bf69c5be1f5b0fea93134c06a / Bug 6629 : Sanitizing > input from language cookie) has removed a conditional assignement to a simple > assignement. > > C4/Templates.pm: > - $lang = $query->cookie('KohaOpacLanguage') > - if defined $query and $query->cookie('KohaOpacLanguage'); > + $lang = getlanguagecookie($query); > > And as C4::Templates::getlanguagecookie deference $query for obtain cookie > information... when $query is undef, not method to call. > > Has a bug report created ? The patch for 6629 as introduce a new bug... > -- New patch on 6629, it turns out InstallAuth.pm had its own vulnerability that this error lead me to discover.
Patch addresses this error and fixes the vulnerability in the web installer Please test and sign off Chris _______________________________________________ Koha-devel mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
