| LedgerSMB

Security advisory (fixed in 1.3.37)

Submitted by Chris Travers on Thu, 02/06/2014 - 21:08

Security Advisory: LedgerSMB < 1.3.36, Improper Logout on Some Browsers

Severity: Low (cvssv2 base score: 3.6, total 0.5)
Remotely Exploitable: No
Complexity of Attack: High
Impact: Relatively low.
Prerequisite for Attack: Physical Access to Previously Logged In Browser, so high complexity in most cases.
Attack Vector: Physical, against client.
Impact: The attacker may gain access unexpectedly to LedgerSMB using the client's previous credentials.

Background

Read more about Security advisory (fixed in 1.3.37)
Log in or register to post comments

1.3.37 released

Submitted by Chris Travers on Thu, 02/06/2014 - 21:06

LedgerSMB 1.3.37 has been released. This is a significant release with a number of important fixes including two security fixes (please stay tuned for security advisories on these two usually-minor security issues).

Read more about 1.3.37 released
Log in or register to post comments

The LedgerSMB Core Team is proud to release 1.3.36.

Submitted by Chris Travers on Wed, 01/15/2014 - 22:44

This release corrects a significant issue in printing invoices with manually calculated sales tax. This is a significant update, and anyone using 1.3.35 or manually entered sales tax should update relatively quickly.

Read more about The LedgerSMB Core Team is proud to release 1.3.36.
Log in or register to post comments

LedgerSMB 1.3.35 released

Submitted by Chris Travers on Mon, 11/04/2013 - 18:42

LedgerSMB 1.3.35 has been released. This release includes a fairly large number of relatively minor fixes, as well as the addition of invoice creation date tracking and a number of fixes for locale-specific requirements. If you are having any issues with the bugs fixed, you should upgrade immediately.

Read more about LedgerSMB 1.3.35 released
Log in or register to post comments

LedgerSMB 1.3.34 released

Submitted by ehu on Sat, 09/07/2013 - 10:19

he LedgerSMB team has released 1.3.34. Although this is a bugfix release with some significant fixes in it, it also includes a few minor enhancements, such as the ability to search for drafts and batches without specifying a type.

The complete changelog is as follows:

Read more about LedgerSMB 1.3.34 released

LedgerSMB 1.3.33 released

Submitted by Chris Travers on Thu, 05/30/2013 - 02:55

LedgerSMB 1.3.33 has been released. This release corrects a number of minor issues, the most major one is that format_amount() was not working on the check printing workflows.

A fairly large number of other minor bugs were also fixed. Those who are wondering whether to upgrade probably should do so, as the issues fixed are all relatively minor. The complete changelog is below.

Read more about LedgerSMB 1.3.33 released

LedgerSMB 1.3.32 released

Submitted by Chris Travers on Mon, 05/27/2013 - 22:36

LedgerSMB 1.3.32 has been released. This release adds overlooked functionality, and corrects a number of minor to moderate problems with previous releases. Those who are running 1.3.31 should upgrade sooner rather than later. Others should upgrade after reviewing the 1.3.31 inventory changes.

Read more about LedgerSMB 1.3.32 released

LedgerSMB 1.3.31 released, significant Inventory changes

Submitted by ehu on Sun, 05/12/2013 - 10:49

LedgerSMB 1.3.31 has been release and includes a rather deep fix to our onhand numbers. We recommend that anyone who is shipping or receiving inventory upgrade when you are able, but also direct questions too us if there are questions or concerns about the upgrade process.

Read more about LedgerSMB 1.3.31 released, significant Inventory changes

LedgerSMB 1.3.30 released

Submitted by ehu on Sun, 05/12/2013 - 10:47

LedgerSMB 1.3.30 has been released. This release includes a number of additional CSS hooks, some fixes to database-level interfaces for re-opening books, and a number of other minor changes. Unless you have specific need for any of the fixes, this is a fairly minor release and is not normally required as an upgrade. The complete changelog is below.

Best wishes,
Chris Travers

Read more about LedgerSMB 1.3.30 released

LedgerSMB 1.3.29 released

Submitted by ehu on Sun, 05/12/2013 - 10:46

LedgerSMB 1.3.29 has been released and contains a significant number of fixes and if these fixes affect you, you may want to upgrade to this or a higher version. Please note that 1.3.31 has some significant bugfixes in it, and consequently we will be recommending that everyone move to this version or higher when it comes out.

The changelog for 1.3.29 is below.

Read more about LedgerSMB 1.3.29 released

Subscribe to