forward-port 3.4 release notes
authorGalen Charlton <gmc@equinoxinitiative.org>
Wed, 2 Oct 2019 21:27:16 +0000 (17:27 -0400)
committerGalen Charlton <gmc@equinoxinitiative.org>
Wed, 2 Oct 2019 21:28:29 +0000 (17:28 -0400)
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>
docs/RELEASE_NOTES_3_4.adoc

index 27e8b9c..9c6716f 100644 (file)
@@ -3,36 +3,9 @@ Evergreen 3.4 Release Notes
 :toc:
 :numbered:
 
-Evergreen 3.4-beta2
--------------------
-The Evergreen 3.4-beta2 release includes security fixes for cross-site scripting
-(XSS) vulnerabilities in the Evergreen public catalog. Testers of the Evergreen
-3.4-beta1 release are encouraged to install this release, which does not
-include any database updates since the beta 1.
-
-Security Issue: XSS Vulnerability in Public Catalog
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-This release fixes several cross-site scripting (XSS) vulnerabilities
-in the public catalog. When upgrading, Evergreen administrators should
-review whether any of the following templates have been customized
-or overridden. If so, either the template should be replaced with the
-stock version or the XSS fix (which entails adding the `| html` filter
-in several places) applied to the customized version.
-
- * `Open-ILS/src/templates/opac/browse.tt2`
- * `Open-ILS/src/templates/opac/parts/ebook_api/base_js.tt2`
- * `Open-ILS/src/templates/opac/parts/header.tt2`
- * `Open-ILS/src/templates/opac/parts/place_hold.tt2`
- * `Open-ILS/src/templates/opac/parts/place_hold_result.tt2`
- * `Open-ILS/src/templates/opac/parts/result/adv_filter.tt2`
-
-They should also review the following templates.  If these templates have
-been customized or overridden, either the template should be replaced with
-the stock version or the XSS fix (which entails adding `rel="nofollow` to
-external links) applied to the customized version.
-
-* `Open-ILS/src/templates/opac/parts/record/summary.tt2`
-* `Open-ILS/src/templates/opac/parts/result/table.tt2`
+Evergreen 3.4.0
+---------------
+The Evergreen 3.4.0 release is a major feature release.
 
 Upgrade notes
 -------------