1.11

1.11.15 Released

Submitted by LedgerSMB_Team on Thu, 08/01/2024 - 15:13

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.15

Read more about 1.11.15 Released

1.11.14 Released

Submitted by LedgerSMB_Team on Mon, 05/06/2024 - 14:44

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.14

Read more about 1.11.14 Released

1.11.13 Released

Submitted by LedgerSMB_Team on Fri, 04/26/2024 - 06:53

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.13

Read more about 1.11.13 Released

1.11.12 Released

Submitted by LedgerSMB_Team on Tue, 04/09/2024 - 12:06

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.12

Fix download of attachments to reconciliations (#8088)
Fix e-mailing of AR aging statements (#8111)

For installation instructions and system requirements, see
https://github.com/ledgersmb/LedgerSMB/blob/1.11.12/README.md

Read more about 1.11.12 Released

1.11.11 Released

Submitted by LedgerSMB_Team on Fri, 03/15/2024 - 02:05

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.11

Read more about 1.11.11 Released

1.11.10 Released

Submitted by LedgerSMB_Team on Thu, 02/15/2024 - 13:27

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.10

Read more about 1.11.10 Released

1.11.9 Released

Submitted by LedgerSMB_Team on Fri, 02/02/2024 - 10:01

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the fix for CVE-2024-23831, a CSRF attack on
setup.pl.

Changelog for 1.11.9

Read more about 1.11.9 Released

cve-2024-23831 (Cross Site Request Forgery)

Submitted by ehu on Mon, 01/29/2024 - 12:51

Read more about cve-2024-23831 (Cross Site Request Forgery)

Privilege escalation through CSRF attack on 'setup.pl'

Summary

When a LedgerSMB database administrator has an active session in /setup.pl,
an attacker can trick the admin into clicking on a link which automatically
submits a request to setup.pl without the admin's consent. This request can
be used to create a new user account with full application (/login.pl)
privileges, leading to privilege escalation.

Known vulnerable

All of:

1.11.8 Released

Submitted by LedgerSMB_Team on Sat, 01/13/2024 - 13:51

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.8

Read more about 1.11.8 Released

1.11.7 Released

Submitted by LedgerSMB_Team on Sun, 12/31/2023 - 06:58

The LedgerSMB development team is happy to announce yet another new
version of its open source ERP and accounting application.
This release contains the following fixes and improvements:

Changelog for 1.11.7

Read more about 1.11.7 Released

Subscribe to 1.11