| Time |
S |
Nick |
Message |
| 05:55 |
|
|
lmstrand joined #koha |
| 06:07 |
|
|
chriss joined #koha |
| 06:08 |
|
koha-jenkins |
Yippee, build fixed! |
| 06:08 |
|
wahanui |
Congratulations! |
| 06:08 |
|
koha-jenkins |
Project Koha_Master build #1814: FIXED in 1 hr 10 min: https://jenkins.koha-community[…]Koha_Master/1814/ |
| 07:31 |
|
|
reiveune joined #koha |
| 07:31 |
|
reiveune |
hello |
| 07:31 |
|
|
cait joined #koha |
| 07:48 |
|
|
alex_a joined #koha |
| 07:48 |
|
alex_a |
Bonjour |
| 07:52 |
|
|
lds joined #koha |
| 09:12 |
|
ashimema |
mornin' #koha |
| 09:52 |
|
|
alex_a joined #koha |
| 09:53 |
|
ashimema |
ooh.. |
| 09:54 |
|
ashimema |
does GetPreparedLetter not fall back through languages |
| 09:56 |
|
ashimema |
looks like it should |
| 10:11 |
|
* cait |
waves |
| 10:11 |
|
cait |
i am back, have you rewritten all the things yet? |
| 10:43 |
|
ashimema |
lol |
| 10:43 |
|
ashimema |
I tracked down your lang for slips bug |
| 10:51 |
|
ashimema |
cait : I just wrote a patch for bug 28712 for you. |
| 10:51 |
|
huginn` |
Bug https://bugs.koha-community.or[…]_bug.cgi?id=28712 major, P5 - low, ---, martin.renvoize, Needs Signoff , Printed slips for fees come up empty if no notice is defined for the user's preferred language |
| 10:52 |
|
cait |
ooh nice one |
| 10:52 |
|
cait |
i probably won't get to do much testing this week :( |
| 10:52 |
|
* ashimema |
now wants to split the Dashboard on version.. to make it clear when a Major is against an old branch. |
| 11:00 |
|
|
Jeremyb joined #koha |
| 11:33 |
|
tcohen |
good morning |
| 11:34 |
|
oleonard |
Hi tcohen |
| 11:34 |
|
tcohen |
hi oleonard |
| 11:34 |
|
wahanui |
hi oleopard |
| 12:03 |
|
* cait |
waves |
| 12:05 |
|
|
vfernandes joined #koha |
| 12:05 |
|
vfernandes |
hi #koha |
| 12:13 |
|
|
alex_a joined #koha |
| 12:14 |
|
|
awazez joined #koha |
| 12:15 |
|
awazez |
Hi everyone. I need some help to configure the domain name of my koha instance. I'm trying to set it up. The DNS, I think is correctly configure. When I ping catalog.bookwarden.com and intranet.bookwarden.com it is responding correctly. The apache "It works" appears. So according to me everything is find for the DNS setup. BUT I just don't understand what to do after. I think I need to configure the INTRASUFFIX in the /etc/koha/koha-sites.conf. |
| 12:15 |
|
awazez |
But what do I type ? intranet.bookwarden.com ? Or intra-intra.bookwarden.com ? It's not clear. And is it the only thing I need to do ? Is there some virtual host to configure ? THanks a lot. |
| 12:16 |
|
oleonard |
awazez: If you see the "it works" page you might try disabling the default site |
| 12:18 |
|
cait |
if the instance was created before, I think you m ight have to also update some config file after |
| 12:18 |
|
cait |
but i'd also start with deactivating the default one |
| 12:19 |
|
awazez |
Ok |
| 12:19 |
|
vfernandes |
performance question: how to improve XML processing speed using records with hundreds of items? |
| 12:24 |
|
awazez |
Yeah it seemed that " site 000-default disabled" is deactivating the default one. Am I right ? |
| 12:29 |
|
cait |
vfernandes: i think there is a bug open about that right now |
| 12:30 |
|
cait |
awazez: not sure about the command but 000-dfault reads right |
| 12:31 |
|
|
lds joined #koha |
| 12:31 |
|
|
jzairo joined #koha |
| 12:34 |
|
vfernandes |
cat: yes... opened by me (bug #26802) |
| 12:34 |
|
huginn` |
Bug https://bugs.koha-community.or[…]_bug.cgi?id=26802 major, P5 - low, ---, koha-bugs, NEW , Improve speed with records with many items |
| 12:35 |
|
vfernandes |
it's a bug that keeps being reported to us |
| 12:37 |
|
vfernandes |
I would like to debug it a little more, but I don't know where I should start |
| 12:54 |
|
cait |
i am not sure if that was the one I saw earlier, but no time to research :( |
| 12:55 |
|
cait |
maybe check for performance/speed/slow and similar in bugzilla, vfernandes |
| 13:10 |
|
jzairo |
hello! |
| 13:16 |
|
|
magnuse_ joined #koha |
| 13:20 |
|
|
Dyrcona joined #koha |
| 13:20 |
|
oleonard |
I have re-implemented Bug 5697, take a look! |
| 13:20 |
|
huginn` |
Bug https://bugs.koha-community.or[…]w_bug.cgi?id=5697 enhancement, P5 - low, ---, oleonard, Needs Signoff , Automatic linking in guided reports |
| 14:17 |
|
domm |
I was asked by a customer why the recent security hole was not registered as a CVE (and so did not show up in some CVE notification service he is using). |
| 14:19 |
|
domm |
I personally don't care, but if there is any Koha Community guideline or similar regarding CVEs (and/or how to handle security issues) I could point them to this guiedline.. |
| 14:19 |
|
oleonard-away |
I don't recall hearing anything about a guideline domm |
| 14:20 |
|
domm |
ok, I was quite sure that no such guideline exists for Koha, but just wanted to make sure |
| 14:21 |
|
oleonard |
My search of old emails shows that there is at least one example of someone "requesting" CVE numbers for security vulnerabilities. |
| 14:21 |
|
oleonard |
I'm not sure what that process is, but perhaps it's something you could do for your customer? |
| 14:21 |
|
oleonard |
domm: It would also be something you could bring to a developers meeting |
| 14:24 |
|
domm |
AFAIK one has to report the problem the a CNA (CVE Numbering Authoritie |
| 14:24 |
|
domm |
) |
| 14:26 |
|
domm |
which then assigns a number etc. But I'm not sure which CNA would be interested in doing this for Koha (a lot seem to be run by companies for their own products) |
| 14:28 |
|
domm |
I guess MITRE would be the CNA-LR (CNA of Last Ressort) for Koha: https://www.cve.org/PartnerInf[…]ers/partner/mitre |
| 14:30 |
|
domm |
For now I will tell the customer that Koha does not create CVEs |
| 14:58 |
|
ashimema |
well... |
| 14:58 |
|
ashimema |
we don't go the full CVE route.. but we do 'promote' the bug from the security area in bugzilla into main bugzilla once the fix is out there. |
| 14:59 |
|
ashimema |
I'm not sure how CVE's work really beyond being a bit more centralised/public? |
| 15:01 |
|
domm |
AFAIK it's "just" a standard and centralized way to disclose problems. So people might subscribe to CVE, but not to Koha, and thus get notified of a potential problem (and how to fix it), without having to subscribe to ALL the communitys |
| 15:02 |
|
tuxayo |
> and so did not show up in some CVE notification service he is using |
| 15:02 |
|
tuxayo |
Interesting, that way customers can know about it and pressure their provider to update. |
| 15:02 |
|
domm |
tuxayo: for example, yes. |
| 15:03 |
|
domm |
Or some poor sysadmin can act on her own, without needing to be prodded by somebody three layers of orga away |
| 15:04 |
|
tuxayo |
In the last 3 years, it seems 10 Koha vulnerabilities have been registered as CVEs |
| 15:04 |
|
tuxayo |
https://www.cvedetails.com/pro[…]l?vendor_id=11706 |
| 15:05 |
|
tuxayo |
domm: indeed! |
| 15:05 |
|
ashimema |
They tend to get reported if they've come from a paid for penetration test |
| 15:05 |
|
ashimema |
we've had a few come in that way.. |
| 15:06 |
|
ashimema |
be nice if there were a bit of money up for grabs for fixing these things more often though.. ;).. |
| 15:06 |
|
tuxayo |
I suppose the number of reported CVEs is good for the track record of security auditors |
| 15:06 |
|
ashimema |
it's all very well paying a nice hefty some to a hacker to find the flaws but then never funding fixes is a right pain |
| 15:06 |
|
tuxayo |
indeed ^^" |
| 15:06 |
|
* ashimema |
has a pet security bugs he keeps chipping away at, but just can't commit enough time to |
| 15:08 |
|
|
Oak joined #koha |
| 15:08 |
|
tuxayo |
ashimema has painted a target on themselves. |
| 15:08 |
|
ashimema |
? |
| 15:08 |
|
tuxayo |
Besides being notified, does anyone know other benefits of registering CVEs ? |
| 15:09 |
|
tuxayo |
ashimema : you will get attacked to compromise the list and details about your pet security bugs :P |
| 15:09 |
|
ashimema |
domm.. are you plix.at ? |
| 15:10 |
|
domm |
ashimema: yes |
| 15:11 |
|
tuxayo |
You got ssh login attempts coming from plix.at ? XD |
| 15:11 |
|
ashimema |
they're well known and not major.. but annoying |
| 15:11 |
|
ashimema |
lol |
| 15:12 |
|
domm |
:-) |
| 15:13 |
|
tuxayo |
good ^^" |
| 15:14 |
|
tuxayo |
I just though there could be support contracts that mention CVE having to be patched in a certain delay. |
| 15:15 |
|
oleonard |
KohaCon2021 keeps getting more and more confusing. |
| 15:15 |
|
ashimema |
oh? |
| 15:15 |
|
wahanui |
oh are there instructions? |
| 15:16 |
|
oleonard |
"Changes on Kohacon2021 International Confrence dates" on koha-devel. |
| 15:16 |
|
oleonard |
Now Dec. 13-15. |
| 15:16 |
|
ashimema |
Joubu may have prompted that |
| 15:17 |
|
tuxayo |
oh ok they did it |
| 15:17 |
|
Joubu |
there were some private discussions, after last meeting talks |
| 15:17 |
|
ashimema |
there was a small email trail trying to understand what was going on.. |
| 15:17 |
|
Joubu |
they were asking me to confirm the date shift, which I hadn't |
| 15:17 |
|
ashimema |
their quick reply was.. "OK, we change it".. |
| 15:18 |
|
Joubu |
that's a good thing I think |
| 15:18 |
|
ashimema |
indeed.. I imagine they're doing a really good job of upsetting anyone who has already booked to go.. which I imagine is all local people.. can't imagine anyone booking to head out there at this point in time. |
| 15:18 |
|
tuxayo |
Still messy but the result seems good ^^ |
| 15:18 |
|
ashimema |
yeah.. they're trying |
| 15:19 |
|
Joubu |
they also confirmed the conference will be hybrid with online streaming |
| 15:19 |
|
tuxayo |
:D |
| 15:20 |
|
Joubu |
dates are still not accurage on the website then |
| 15:20 |
|
Joubu |
accurate |
| 16:01 |
|
|
rkrimme1 joined #koha |
| 16:15 |
|
|
cait left #koha |
| 16:26 |
|
ashimema |
cait around still? |
| 16:27 |
|
oleonard |
Just left |
| 16:30 |
|
ashimema |
oh well |
| 17:48 |
|
oleonard |
I think OpacBrowseResults is broken in master but my attempts to git bisect it have failed twice. |
| 17:49 |
|
oleonard |
Anyone around who can confirm or deny? |
| 18:08 |
|
reiveune |
bye |
| 18:08 |
|
|
reiveune left #koha |
| 18:38 |
|
kidclamp |
working for me oleonard |
| 18:38 |
|
oleonard |
:/ |
| 18:38 |
|
kidclamp |
i know, it is the worst answer |
| 18:38 |
|
kidclamp |
is broken how for you? |
| 18:39 |
|
oleonard |
The browse links don't show up at all |
| 18:40 |
|
kidclamp |
https://snipboard.io/R670cT.jpg |
| 18:41 |
|
kidclamp |
with both ES and zebra, unless it broke since this mornign :-) |
| 19:25 |
|
|
lukeg joined #koha |
| 19:45 |
|
|
davidnind joined #koha |
| 20:22 |
|
davidnind |
@later tell oleonard OPACBrowseResults is working for me on Firefox but not on Google Chrome or Chromium - the browse results block is missing and has block starting with 'Place hold' (with caches cleared, add block turned off, etc) |
| 20:22 |
|
huginn` |
davidnind: The operation succeeded. |
