On behalf of the Evergreen contributors, the 2.7.x release maintainer (Ben Shum) and the 2.6.x and 2.5.x release maintainer (Dan Wells), we are pleased to announce the release of Evergreen 2.7.4, 2.6.7, and 2.5.9.
The new releases can be downloaded from: http://evergreen-ils.org/egdownloads/ THESE RELEASES CONTAIN SECURITY UPDATES, so you will want to upgrade as soon as possible. In particular, the following security issues are fixed: Bug 1424755: This bug allows unauthorized remote access to the value of certain library settings that are meant to be confidential. Bug 1206589: This bug allows unauthorized remote access to the log of changes to library settings, including ones meant to be confidential. All prior supported releases are vulnerable to these bugs. All three of these new releases also contain bugfixes that not related to the security issues. For more information on the changes in these releases, please consult their change logs. Please note that 2.5.9 is the last release expected in the 2.5.x series. It is recommended that all Evergreen sites upgrade to one of the new releases as soon as possible. For additional information, including instructions on how to apply hotfixes for the security issues, please see http://evergreen-ils.org/security-releases-evergreen-2-7-4-2-6-7-and-2-5-9/ -- Galen Charlton Infrastructure and Added Services Manager Equinox Software, Inc. / The Open Source Experts email: [email protected] direct: +1 770-709-5581 cell: +1 404-984-4366 skype: gmcharlt web: http://www.esilibrary.com/ Supporting Koha and Evergreen: http://koha-community.org & http://evergreen-ils.org
