LedgerSMB 1.2.7 has been released which contains a number of critical
updates affecting users of LedgerSMB 1.2.x. These include a fix for a
severe security issue. All users who are currently running LedgerSMB
1.2.x are urged to upgrade at once. A security advisory is currently
under development and will be released through these channels once it
is completed.

LedgerSMB 1.2.7 also includes a number of other bug fixes of varying
severity. The full changelog is:

Changelog for 1.2.7

• Fixed user@company logins (Chris T)
• Fixed closed books detection (Chris T)
• Fixed AR/AP print and post endless loop (Chris T)
• Fixed subtotal not working on AR/AP Transaction Report (Seneca)
• Fixing incorrect tax account selection issues in POS screen (Chris T)
• Fixed: Titlebar does not show user info (Seneca)
• Fixing error searching for parts with sales invoice links (Chris T)
• Fixed a number of COGS bugs on invoice reversal (Victor S)
• Fixing bareword error with pos.conf.pl (Chris T)
• Fixing SQL error when creating assembly (Seneca)
• Fixing Template use check in user deletion (Seneca)
• Fixing bug partial transaction commit bug wrt invoices (Chris T)
• Fixed line items were dropped on order consolidation (Chris T)
• Correcting errors on transaction list after posting (Chris T)
• Updated ebuild files (Chris T)
• Backporting POD and tests for Menu.pm from trunk (Seneca)
• Fixing constraint issue deleting part (Chris T)
• fixing vendor taxes displaying improperly when printing PO (Seneca)
• Corrected security bypass in login.pl (Seneca)