]> git.koha-community.org Git - koha.git/commit
Bug 27812: Remove the ability to transmit a patron's plain text password over email
authorKyle M Hall <kyle@bywatersolutions.com>
Fri, 26 Feb 2021 18:16:58 +0000 (13:16 -0500)
committerKyle Hall <kyle@bywatersolutions.com>
Fri, 25 Mar 2022 13:30:19 +0000 (09:30 -0400)
commit49f36e71097d8d4f287e7bd45b4e5d8e5528b745
treeaeb6630604ebe0355caeb38a67c569da96cfcf8f
parent399132a697a7551d1c855d1dd14c5ee17a74363f
Bug 27812: Remove the ability to transmit a patron's plain text password over email

We should not give libraries the ability to compromise patron accounts,
it is considered a huge security issue and nobody in network security
would never recommend allowing passwords to be transmitted in clear text
over email.

It should simply not be possible to send a patron's password in plain text
via email. As such, we should remove this ability from Koha.

Test Plan:
1) Apply this patch
2) Create a patron to generate the ACCTDETAILS email
3) Note you can no longer transmit the patron's password in the email

Signed-off-by: Amit Gupta <amitddng135@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
installer/data/mysql/en/mandatory/sample_notices.yml
members/memberentry.pl