Koha Community Newsletter: July 2013

Koha Community Newsletter Subscribe
July 2013

Volume 4, Issue 7
ISSN 2153-8328
Edited by Daniel Grobani, Koha Community Newsletter Editor.
Please submit news items to Submit

Table of Contents

Development

Koha Security Update Released
by Galen Charlton

The Koha community is releasing a security update for all supported and recent unsupported versions of Koha. The security update is available for the following new releases:

  • 3.12.3
  • 3.10.9
  • 3.8.16
  • 3.6.12

Patches are also available for 3.2.x and 3.4.x.

The security update fixes a situation where manipulation of the cookie used for retaining OPAC search history for anonymous sessions could theoretically result in the execution of arbitrary code on a Koha webserver.

We are aware of no active exploits at this time. The security issue can be mitigated by turning off the EnableOpacSearchHistory system preference.

We recommend that all Koha users upgrade as soon as possible. If you cannot upgrade immediately, we strongly encourage you to turn off the EnableOpacSearchHistory system preference until such time as you can upgrade.

Users of the Debian packages for 3.10.x and 3.12.x can get the latest release by running apt-get update followed by apt-get upgrade. Because a new dependency was added recently, it may be necessary to run apt-get dist-upgrade instead or to run apt-get install koha-common.

For users of the Debian packages for 3.8.x and 3.6.x, since the Koha APT repository no longer contains those versions, .deb files are available for download and installation using dpkg -i:

Tarballs are also available:

The patches for 3.4.x and 3.2.x can be found as the top three commits in the 3.4.x and 3.2.x branches in Koha’s Git repository.

As a general note, if you are not running a version of Koha that has has a release maintainer (current 3.8.x, 3.10.x, and 3.12.x), we strongly urge you to upgrade to a supported version.

Koha 3.12.3 Released
by Tomas Cohen Arazi

The Koha community is proud to announce the release of 3.12.3. This is a bugfix/maintenance release and contains important security fixes. It also contains 15 bugfixes and 2 enhancements.

This release can be downloaded here; installation instructions are here or in the INSTALL files that come in the tarball.

Release notes are here.

Koha 3.12.2 Released
by Tomas Cohen Arazi

The Koha community is proud to announce the release of 3.12.2. This is a bugfix/maintenance release and contains 9 enhancements and 50 bugfixes.

This release can be downloaded here; installation instructions are here or in the INSTALL files that come in the tarball.

Release notes are here. Please read the “New dependencies” section of the release notes if you are upgrading from a previous version.

Koha 3.10.9 Released
by Bernardo Gonzalez Kriegel

The Koha community is proud to announce the release of 3.10.9. This is a security release.

This release can be downloaded here; installation instructions are here or in the INSTALL files that come in the tarball.

Release notes are here.

Koha 3.8.15 Released
by Chris Hall

The Koha community is proud to announce the release of 3.8.15. This is a bugfix/maintenance release and contains 1 enhancement and 11 bugfixes.

This release can be downloaded here; installation instructions are here or in the INSTALL files that come in the tarball.

Release notes are here.

This release contains translation updates for both 3.8.14 and 3.8.15. Thank you very much bgkriegel and everyone who helped.

Koha 3.14 Release Manager’s Update #1

Galen Charlton, 3.14 Release Manager, has posted the first of a set of periodic updates on the progress of the next major release of Koha.

Koha Statistics

Chris Cormack, Koha Community statistics wizard, has posted statistics for June 2013.

Community

New Koha Libraries

Community Gossip

Stefano Bargioni, deputy director of the Library of Pontificia Università della Santa Croce, has recently published with his colleagues an article in the Italian Journal of Library and Information Science on their experience with Koha. The article outlines how to enhance a library catalog by adding Dewey classification to bibliographic records by querying international databases such as OCLC Classify and national libraries, a process made possible by Koha’s programmable interface.

Nicole Engard, Koha documentation manager, attended the 2013 O’Reilly Open Source Convention and posted many reports on her blog and on ByWater Solutions’ blog.

Chris Cormack is compiling a list of national libraries using Koha and is requesting additions to the list.

Galen Charlton, Koha 3.14 release manager, has posted a tutorial on Perl 5.10 and Koha.

Daniel Grobani, Koha community newsletter editor, will soon begin recruiting a new editor, as the library where he works will be migrating away from Koha early in 2014.

Support Provider News

BibLibre has published the first edition of its new monthly newsletter.

Upcoming Events

August General IRC Meeting

The August general IRC meeting will be held on 7 August 2013 at 02:00 UTC.

The agenda and other information will be posted here.

KohaCon13 Volunteer Opportunities

Volunteers are being sought for various roles at KohaCon13. You can sign up by adding your name to the volunteers wiki page.

KohaCon13 Excursion
by Nancy Keener, KohaCon13 Chair

A must-see on a visit to Reno is to check out nearby Lake Tahoe, known as “The Jewel of the Sierra.” A great way to see this natural beauty is to get out on the water. The Tahoe Queen is a traditional paddlewheel sightseeing boat that leaves from South Lake Tahoe for 2½ hour cruises. The boat has three decks, indoor and outdoor seating, two bars, and food service. I recently sailed on the Tahoe Queen for the afternoon and it was wonderful to relax and take in the stunning views of Emerald Bay and resident bald eagles. On Saturday, October 19, KohaCon13 will have a break day and we will arrange transportation up to Lake Tahoe. I hope you will join us for an excursion aboard the Tahoe Queen. South Lake Tahoe also offers shopping, restaurants, and other activities. More info on KohaCon13 is here, and you can register for the conference here.

KohaCon 2014 Proposals Redux
by Mirko Tietgen

Proposals to host Kohacon 2014 are due by 15 September. If you are interested in hosting the conference, make sure to check the general Wiki page on Koha conference bidding and proposals for KohaCon 2011 and KohaCon 2013 to get an impression of what people would like to know about location and dates.

Please keep in mind our rule to change continents every year; with Kohacon 2013 taking place in Reno, applications from North America should be postponed to 2015. So far we had/will have conferences in:

  • 2006: Paris, France
  • 2009: Plano, Texas, USA
  • 2010: Wellington, NZ
  • 2011: Thane, India
  • 2012: Edinburgh, Scotland, UK
  • 2013: Reno, Nevada, USA
  • 2014: Your place, World

If you are interested in hosting the conference, please tell us about it on the Koha mailing list and add a summary here.

It does not have to be complete from the beginning; you can add information later. The most important things clearly are location and proposed time. So far we had conferences in April, May, June, and 3 times in October, as it will be this year. It looks like having 3 days of conference, 1 day off, and 3 days of hackfest is the preferred conference schedule.

One last note: the conference has always been free of charge and it is supposed to stay that way.

Looking forward to your proposals.

Past Events

July General IRC Meeting

The July general IRC meeting was held on 10 July 2013.

The agenda, links to the minutes, and other information is here.