1.11

1.11.11 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.11

1.11.10 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.10

* Fix upgrades from older Pg versions with the 'cash_impact' view (#7987)
* Fix missing locale parameter creating GL Search report (#7997)
* Fix setup.pl CSRF regressions (#8007, #8000)
* Fix date filters on Cash > Receipt/Payment (#8015)

1.11.9 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the fix for CVE-2024-23831, a CSRF attack on
setup.pl.

Changelog for 1.11.9

* Add missing batch and entity sequences to the Defaults screen (#7965)
* Stop warning during startup without configuration file (#7928)
* CVE-2024-23831: CSRF attack on 'setup.pl'

cve-2024-23831 (Cross Site Request Forgery)

Submitted by ehu on

Privilege escalation through CSRF attack on 'setup.pl'

Summary

When a LedgerSMB database administrator has an active session in /setup.pl,
an attacker can trick the admin into clicking on a link which automatically
submits a request to setup.pl without the admin's consent.  This request can
be used to create a new user account with full application (/login.pl)
privileges, leading to privilege escalation.


Known vulnerable

All of:

1.11.8 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.8

1.11.7 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.7

* Fix creating an invoice from an order (#7855)
* Retain partsgroup selection on Update in parts screen (#7848)
* Fix missing columns on trial balance 'Ending' report type (#7870)

1.11.6 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.6

* Fix 'Current earnings' not showing in the balance sheet report (#7785)
* Fix saving headings of headings (#7802)
* Fix saving unused accounts configured for reconciliation (#7805)
* Fix 'delete' link shown in CoA screen on accounts used with parts (#7812)
* Fix deletion of parts (#7811)

1.11.5 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.5

1.11.4 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.4

* Show database and user name in setup.pl consistency result screen (#7714)
* Fix AR/AP transaction Reverse button (#7719, #7717)
* Fix invoices created from API to be in SAVED state (#7733)
* Fix 'New Window' menu item throwing an error (#7735)
* Fix Parts > Group > Add throwing 'Group missing!' (#7737)

1.11.3 Released

Submitted by LedgerSMB_Team on

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application, with
special thanks to GitHub.com user Peter John Acklam (@pjacklam) for
his prompt responses and fixes on the various Math::BigFloat issues
that popped up recently.
This release contains the following fixes and improvements:

Changelog for 1.11.3