From 8bb737e1fa69221fc87ff5940cbabd87375d6ce9 Mon Sep 17 00:00:00 2001 From: Didier Gautheron Date: Fri, 8 May 2020 15:19:54 +0200 Subject: [PATCH] Bug 25381: XSLTs should not define entities Bug 23290 explicitly disabled entity expansion during XML parsing for security reasons. However, many XSLTs define the following entity: They don't use the entity  , but its presence could lead to confusion. Signed-off-by: Eden Bacani Signed-off-by: Katrin Fischer Signed-off-by: Katrin Fischer Signed-off-by: Jonathan Druart (cherry picked from commit 10c08b6552c7063c4c029701018d6f54e6549acb) Signed-off-by: Fridolin Somers (cherry picked from commit c83158f5bf80f6f4fdfd5ae7e6abfbfbc033f681) Signed-off-by: Andrew Fuerste-Henry --- koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_006.xml | 2 +- koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_007.xml | 2 +- koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_008.xml | 2 +- koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_CF.xsd | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21Languages.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2ATOM.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MADS.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3-1.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS32.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2OAIDC.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl.1 | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2SRWDC.xsl | 2 +- .../intranet-tmpl/prog/en/xslt/MARC21slim2intranetDetail.xsl | 2 +- .../intranet-tmpl/prog/en/xslt/MARC21slim2intranetResults.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim9522852.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slimUtils-MODS31.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slimUtils2.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2OAIDC.xsl | 2 +- .../intranet-tmpl/prog/en/xslt/NORMARCslim2intranetDetail.xsl | 2 +- .../intranet-tmpl/prog/en/xslt/NORMARCslim2intranetResults.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslimUtils.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/UNIMARC_compact.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/UNIMARCslim2OAIDC.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/UNIMARCslim2RDFDC.xsl | 2 +- .../intranet-tmpl/prog/en/xslt/UNIMARCslim2intranetDetail.xsl | 2 +- .../intranet-tmpl/prog/en/xslt/UNIMARCslim2intranetResults.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/UNIMARCslimUtils.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/compact.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/identity.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/oilsMARC21slim2HTML.xsl | 2 +- koha-tmpl/intranet-tmpl/prog/en/xslt/plainMARC.xsl | 2 +- koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21Languages.xsl | 2 +- koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21slim2OPACDetail.xsl | 2 +- .../opac-tmpl/bootstrap/en/xslt/MARC21slim2OPACResults.xsl | 2 +- koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21slimUtils.xsl | 2 +- .../opac-tmpl/bootstrap/en/xslt/NORMARCslim2OPACDetail.xsl | 2 +- .../opac-tmpl/bootstrap/en/xslt/NORMARCslim2OPACResults.xsl | 2 +- koha-tmpl/opac-tmpl/bootstrap/en/xslt/NORMARCslimUtils.xsl | 2 +- .../opac-tmpl/bootstrap/en/xslt/UNIMARCslim2OPACDetail.xsl | 2 +- .../opac-tmpl/bootstrap/en/xslt/UNIMARCslim2OPACResults.xsl | 2 +- koha-tmpl/opac-tmpl/bootstrap/en/xslt/UNIMARCslimUtils.xsl | 2 +- koha-tmpl/opac-tmpl/bootstrap/en/xslt/compact.xsl | 2 +- koha-tmpl/opac-tmpl/bootstrap/en/xslt/plainMARC.xsl | 2 +- misc/maintenance/generate_MARC21Languages.pl | 2 +- 50 files changed, 50 insertions(+), 50 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_006.xml b/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_006.xml index ae0a641aa0..f2640f2b6d 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_006.xml +++ b/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_006.xml @@ -1,6 +1,6 @@ -]> + Books diff --git a/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_007.xml b/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_007.xml index fe956b357e..b493abb932 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_007.xml +++ b/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_007.xml @@ -1,6 +1,6 @@ -]> + Maps diff --git a/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_008.xml b/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_008.xml index 15ddc00fdd..bb643a5e49 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_008.xml +++ b/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_008.xml @@ -1,6 +1,6 @@ -]> + Books diff --git a/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_CF.xsd b/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_CF.xsd index be91f27bb8..3445618113 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_CF.xsd +++ b/koha-tmpl/intranet-tmpl/prog/en/data/marc21_field_CF.xsd @@ -1,6 +1,6 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21Languages.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21Languages.xsl index bf70ed9445..c5d7025c3a 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21Languages.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21Languages.xsl @@ -1,5 +1,5 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2ATOM.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2ATOM.xsl index 1233d67f8c..92bcb62abe 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2ATOM.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2ATOM.xsl @@ -1,6 +1,6 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl index ade69de935..bf969eac66 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl @@ -1,5 +1,5 @@ -]> + -]> + -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3-1.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3-1.xsl index d796f66728..1bc4205ac0 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3-1.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3-1.xsl @@ -1,5 +1,5 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3.xsl index e040c76252..ab995cc4cf 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS3.xsl @@ -1,5 +1,5 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS32.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS32.xsl index a4cd457bf8..d0618d380b 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS32.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2MODS32.xsl @@ -1,4 +1,4 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2OAIDC.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2OAIDC.xsl index 36ba41f605..64905eca71 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2OAIDC.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2OAIDC.xsl @@ -1,6 +1,6 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl index 922605bf36..503bd2c139 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl @@ -1,5 +1,5 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl.1 b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl.1 index d100a59fa8..f8b7ecd99f 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl.1 +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl.1 @@ -1,6 +1,6 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl index 9d38ee10ec..a8a50c7576 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl @@ -1,6 +1,6 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2SRWDC.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2SRWDC.xsl index 009d8b1a1c..63fa07467a 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2SRWDC.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2SRWDC.xsl @@ -1,6 +1,6 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2intranetDetail.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2intranetDetail.xsl index fc88cec6fd..f158fea2bd 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2intranetDetail.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2intranetDetail.xsl @@ -1,6 +1,6 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2intranetResults.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2intranetResults.xsl index be70b9abcb..8a7624bde0 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2intranetResults.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slim2intranetResults.xsl @@ -1,6 +1,6 @@ -]> + -]> + -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl index 08c90e0d2e..076025d5c2 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl @@ -1,5 +1,5 @@ -]> + -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2OAIDC.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2OAIDC.xsl index 291ab06b96..a602611206 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2OAIDC.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2OAIDC.xsl @@ -1,6 +1,6 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2intranetDetail.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2intranetDetail.xsl index 861488963e..4eb7ec1a4b 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2intranetDetail.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/NORMARCslim2intranetDetail.xsl @@ -1,7 +1,7 @@ -]> + -]> + -]> + -]> + -]> + -]> + -]> + -]> + -]> + -]> + ]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/oilsMARC21slim2HTML.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/oilsMARC21slim2HTML.xsl index dcf76e18c1..02c6236291 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/oilsMARC21slim2HTML.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/oilsMARC21slim2HTML.xsl @@ -1,5 +1,5 @@ -]> + diff --git a/koha-tmpl/intranet-tmpl/prog/en/xslt/plainMARC.xsl b/koha-tmpl/intranet-tmpl/prog/en/xslt/plainMARC.xsl index 84c2753d07..48af81c38d 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/xslt/plainMARC.xsl +++ b/koha-tmpl/intranet-tmpl/prog/en/xslt/plainMARC.xsl @@ -1,5 +1,5 @@ -]> + diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21Languages.xsl b/koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21Languages.xsl index bf70ed9445..c5d7025c3a 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21Languages.xsl +++ b/koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21Languages.xsl @@ -1,5 +1,5 @@ -]> + diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21slim2OPACDetail.xsl b/koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21slim2OPACDetail.xsl index 10fcd84baa..9070462fe6 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21slim2OPACDetail.xsl +++ b/koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21slim2OPACDetail.xsl @@ -1,7 +1,7 @@ -]> + -]> + -]> + -]> + -]> + -]> + -]> + -]> + -]> + -]> + -]> + diff --git a/misc/maintenance/generate_MARC21Languages.pl b/misc/maintenance/generate_MARC21Languages.pl index e5a151679d..be27b6e635 100755 --- a/misc/maintenance/generate_MARC21Languages.pl +++ b/misc/maintenance/generate_MARC21Languages.pl @@ -87,7 +87,7 @@ sub generate_header { my ($file_handle) = @_; print {$file_handle} <<"HEADER"; -]> + -- 2.39.5