The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the fix for CVE-2024-23831, a CSRF attack on
setup.pl.
Changelog for 1.11.9
* Add missing batch and entity sequences to the Defaults screen (#7965)
* Stop warning during startup without configuration file (#7928)
* CVE-2024-23831: CSRF attack on 'setup.pl'
For installation instructions and system requirements, see
https://github.com/ledgersmb/LedgerSMB/blob/1.11.9/README.md
The release can be downloaded from our download site at
https://download.ledgersmb.org/f/Releases/1.11.9
The release can be downloaded from GitHub at
https://github.com/ledgersmb/LedgerSMB/releases/tag/1.11.9
Docker images have been published for ARMv7 (32-bit),
ARM64 (also known as ARMv8, e.g. RPi 3+) and AMD64.
These can be pulled from the GitHub Container Registry
$ docker pull ghcr.io/ledgersmb/ledgersmb:1.11.9
Or pulled from Docker Hub using the command
$ docker pull ledgersmb/ledgersmb:1.11.9
These are the sha256 checksums of the uploaded files:
5c4ae06702dadd0de3f4e26727fe10ed2086cb932029714a0fdae49553025cab ledgersmb-1.11.9.tar.gz
182f21f0a2f720f2d17e812619b4109f929e3a1d5d88e4b2e459a053472c6237 ledgersmb-1.11.9.tar.gz.asc