[Wactclc-alma] FW: UPDATE: Impact of Google Chrome browser updates on Ex Libris products – Due February 4th, 2020 (Security Advisory)

Traci Taylor ttaylor at btc.edu
Thu Jan 30 12:45:01 PST 2020 

Hello,

Is this something that we need to be concerned about?

Thanks,
Traci



[cid:image003.jpg at 01D5D76B.15C17490]<https://www.btc.edu/>Traci Taylor, MLS
Lead Librarian
Bellingham Technical College<http://www.btc.edu/>
3028 Lindbergh Ave. | Bellingham, WA 98225
Call: 360.752.8488 | Office: CC 327
Connectedness • Professionalism • Integrity
Providing student-centered, high-quality professional technical
education for today’s needs and tomorrow’s opportunities.




From: Primo <primo-bounces at exlibrisusers.org> On Behalf Of Scott Schuetze via Primo
Sent: Thursday, January 30, 2020 11:43 AM
To: Ex Libris user community discussion list for Primo <primo at exlibrisusers.org>
Cc: Scott Schuetze <Scott.Schuetze at proquest.com>
Subject: [Primo] UPDATE: Impact of Google Chrome browser updates on Ex Libris products – Due February 4th, 2020 (Security Advisory)

Dear Colleagues,

On February 4th, 2020, Google will roll out a new version of Google Chrome (80) that will implement a secure-by-default model for cookies, enabled by a new classification system. This model intends to protect users from cross-site request forgery<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fowasp.org%2Fwww-community%2Fattacks%2Fcsrf&data=02%7C01%7CTomer.Shemesh%40exlibrisgroup.com%7Cf14293b4153342516d9608d7a5b9d5b4%7Cc598e59c2e194342a52ba055a26296c6%7C0%7C0%7C637160089893092395&sdata=%2BvcTfpCQ7BG0hJyH8T9BBmd76gQCGe18DKVkTehl070%3D&reserved=0>, where an innocent end-user is tricked by an attacker into submitting a web request that they did not intend. As of February 2020, only cookies tagged as Secure will be able to send cross-sites and will require encrypted HTTPS connection access.

Custom integrations relying on non-secure (HTTP) protocol or cookie, might be impacted in Google Chrome.

Ex Libris deployed the required configuration to all Ex Libris cloud servers for the following Ex Libris products: Alma, Primo, Esploro, Leganto, Summon, campusM, RapidILL, RefWorks, Rosetta, Pivot, Research professional, Aleph, Voyager, Intota, Ulrich's, MetaLib, DigiTool.

SFX - Impact to the Link Resolver Sidebar; see Google Chrome (80) Update and Possible Impact on SFX <https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fknowledge.exlibrisgroup.com%2FSFX%2FKnowledge_Articles%2FThe_Google_Chrome_(80)_Update_and_Possible_Impact_on_SFX&data=02%7C01%7CTomer.Shemesh%40exlibrisgroup.com%7Cf14293b4153342516d9608d7a5b9d5b4%7Cc598e59c2e194342a52ba055a26296c6%7C0%7C0%7C637160089893102392&sdata=3vmXMZZpUa3tUCx1h%2FkWVBimRWkpESkTwak1jozli50%3D&reserved=0>

360 – Impact to 360 Link Sidebar uses ‘iframes’ to embed external content and links in its pages; see Impact of Google Chrome version 80 on 360 Link<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fknowledge.exlibrisgroup.com%2F%3Ftitle%3D360_Services%252F360_Link%252FKnowledge_Articles%252FWhat_is_the_impact_of_Google_Chrome_version_80_on_360_Link%25253F&data=02%7C01%7CTomer.Shemesh%40exlibrisgroup.com%7Cf14293b4153342516d9608d7a5b9d5b4%7Cc598e59c2e194342a52ba055a26296c6%7C0%7C0%7C637160089893102392&sdata=aC34s%2BE%2BROX447i7fssiNTqbhls4h1Pk0anwZR3PWVo%3D&reserved=0>

For more details see : Security advisory article – Google Chrome Browser version 80 Updates and Ex Libris products and services - January 30, 2020<https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fknowledge.exlibrisgroup.com%2FCross_Product%2FSecurity%2FAdvisories%2FSecurity_Advisory_%25E2%2580%2593_Google_Chrome_Browser_version_80_Updates_and_Ex_Libris_products_and_services_-_January_30%252C_2020&data=02%7C01%7CTomer.Shemesh%40exlibrisgroup.com%7Cf14293b4153342516d9608d7a5b9d5b4%7Cc598e59c2e194342a52ba055a26296c6%7C0%7C0%7C637160089893112375&sdata=n%2BANBu1P%2BQxILzLYCi4FqbPzHxAacLMvVnhgMveVuOc%3D&reserved=0>

Kind regards,

The Ex Libris Team



Scott Schuetze
Sr. Product Marketing Manager – Discovery
Scott.Schuetze at exlibrisgroup.com<mailto:Scott.Schuetze at exlibrisgroup.com>
[cid:image002.png at 01D5D762.547F8DB0]<http://www.exlibrisgroup.com/>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ctc.edu/pipermail/wactclc-alma_lists.ctc.edu/attachments/20200130/c9e4bfc0/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 7740 bytes
Desc: image002.png
URL: <http://lists.ctc.edu/pipermail/wactclc-alma_lists.ctc.edu/attachments/20200130/c9e4bfc0/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 17275 bytes
Desc: image004.jpg
URL: <http://lists.ctc.edu/pipermail/wactclc-alma_lists.ctc.edu/attachments/20200130/c9e4bfc0/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.jpg
Type: image/jpeg
Size: 3011 bytes
Desc: image003.jpg
URL: <http://lists.ctc.edu/pipermail/wactclc-alma_lists.ctc.edu/attachments/20200130/c9e4bfc0/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.jpg
Type: image/jpeg
Size: 897 bytes
Desc: image007.jpg
URL: <http://lists.ctc.edu/pipermail/wactclc-alma_lists.ctc.edu/attachments/20200130/c9e4bfc0/attachment-0002.jpg>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00001.txt
URL: <http://lists.ctc.edu/pipermail/wactclc-alma_lists.ctc.edu/attachments/20200130/c9e4bfc0/attachment.txt>

More information about the Wactclc-alma mailing list