关键漏洞信息: CVE Request for Koha Security Issues - Release Announcement: Link to Koha security release February 2014 - Issues Fixed in the Release: 1. tools/pdfViewer.pl: Could be used to read arbitrary files on the server. (Bugzilla ID: 11660) 2. Staff Interface Help Editor: Could be used to modify or create arbitrary files on the server. (Bugzilla ID: 11661) 3. member-piopload.pl: Could be used to write to arbitrary files on the server. (Bugzilla ID: 11662) 4. MARC Framework Import/Export Function: Did not require authentication and could be used to perform unexpected SQL commands. (Bugzilla ID: 11666)