From ecd8aa1d6ca6f13cb90264f15205824f3d56711b Mon Sep 17 00:00:00 2001 From: Jason Stephenson Date: Wed, 17 May 2023 16:49:59 -0400 Subject: [PATCH] Improve 3.9.3 release notes formatting Signed-off-by: Jason Stephenson --- docs/RELEASE_NOTES_3_9.adoc | 12 ++++++------ 1 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/RELEASE_NOTES_3_9.adoc b/docs/RELEASE_NOTES_3_9.adoc index 6eb9f2b..8abe767 100644 --- a/docs/RELEASE_NOTES_3_9.adoc +++ b/docs/RELEASE_NOTES_3_9.adoc @@ -14,18 +14,16 @@ fixes for three security bugs. * https://bugs.launchpad.net/evergreen/+bug/1972738[Bug 1972738] requires a schema update * https://bugs.launchpad.net/evergreen/+bug/1920826[Bug 1920826] requires a schema update -=== Bug Fixes === - === Security Fixes === -=== Fix SQL Injection Vulnerability === +==== Fix SQL Injection Vulnerability ==== An SQL injection vulnerability related to the implementation of search term highlights is now closed. This is https://bugs.launchpad.net/evergreen/+bug/2004055[Bug 2004055]. -=== Malicious Search Protection === +==== Malicious Search Protection ==== Evergreen sometimes sees some "novel" query strings in the wild that cause the search backend to time out or worse. These are sometimes @@ -50,7 +48,7 @@ past. This is https://bugs.launchpad.net/evergreen/+bug/1775958[Bug 1775958]. -=== Restrict login redirect === +==== Restrict login redirect ==== As a security best-practice, Evergreen should not allow arbitrary redirection on successful login, but instead limit redirection to @@ -63,6 +61,8 @@ redirect URL must be one of http, https, ftp, or ftps. This is https://bugs.launchpad.net/evergreen/+bug/1908576[Bug 1908576]. +=== Bug Fixes === + ==== Accessibility ==== * Fixes duplicate ID in staff catalog bib actions (https://bugs.launchpad.net/evergreen/+bug/2016341[Bug 2016341]) @@ -224,7 +224,7 @@ This is https://bugs.launchpad.net/evergreen/+bug/1361782[Bug 1361782]. * Fix to change legacy `ARRAY_TO_STRING(ARRAY_AGG())\ functions to `STRING_AGG()` functions (https://bugs.launchpad.net/evergreen/+bug/1441750[Bug 1441750]) * Fixes typo in `AddedContent.pm` (https://bugs.launchpad.net/evergreen/+bug/2012105[Bug 2012105]) -==== Catalog ==== +==== Catalog ==== * Enables keyboard tabbing for search results pagination (https://bugs.launchpad.net/evergreen/+bug/1993859[Bug 1993859]) * Fixes an error emailing records from the staff catalog & OPAC (https://bugs.launchpad.net/evergreen/+bug/1955079[Bug 1955079]) -- 1.7.2.5