| LedgerSMB

Security: Denial of Service Vulnerability in 1.3.20 and below

Submitted by Chris Travers on Mon, 07/30/2012 - 00:08

A security oversight has been discovered in LedgerSMB 1.3 which could allow a malicious user to cause a denial of service against LedgerSMB or otherwise affect the way in which certain forms of data would get entered. In most cases we do not believe this to be particularly severe in the presence of internal process controls. Users in some jurisdictions however may need to take this more seriously (see full details below).

Basic vulnerability characteristics

Read more about Security: Denial of Service Vulnerability in 1.3.20 and below
Log in or register to post comments

LedgerSMB 1.3.20 has been released

Submitted by Chris Travers on Tue, 07/17/2012 - 17:45

The LedgerSMB core team is pleased to announce the release of LedgerSMB 1.3.20. As time has progressed, bug reports have slowed as expected, and so we have an opportunity to address issues more rough edges. This process will continue as more people continue to discuss with us what would be needed to make their lives easier with the software.

Read more about LedgerSMB 1.3.20 has been released

Roadmap

This document looks forward from the last stable public release (currently 1.12). The document should be taken as a general indication of direction. As with every open source project, contributors follow their own priorities; as such, features may be implemented earlier or later than indicated or even features entirely not mentioned may be implemented.

Read more about Roadmap

LedgerSMB 1.3.19 has been released

Submitted by Chris Travers on Sun, 07/01/2012 - 17:58

LedgerSMB 1.3.19 has been released. This release corrects two
significant issues and makes the application generally easier to use.
The two significant issues it fixes is that voided transactions were
including the original payments again, and that CSV exports had no
data. A large number of more minor problems were fixed including the
fact that some reports were requiring that the date be set in ISO
format, and fixed an encoding issue that caused corruption on
retrieval of some attached files (the files were stored correctly so

Read more about LedgerSMB 1.3.19 has been released

Riverbend Community Math Center - Dean Serenevy

Submitted by ehu on Fri, 06/29/2012 - 08:40

We are a US not-for-profit (http://riverbendmath.org/) using SQL-Ledger and LedgerSMB since 2006 (I'm not sure exactly when we made the switch). We are a small organization: ~15 part-time employees; ~$150,000 annual revenues; 2 users of the ledger. We are still using 1.2.x because my trial transition to 1.3.x did not work out as smoothly as I had hoped. Thus, I have put the transition on hold until I can give it a few days attention. As an organization we believe in and use open source software almost entirely.

Read more about Riverbend Community Math Center - Dean Serenevy

LedgerSMB 1.3.18 released

Submitted by Chris Travers on Fri, 06/08/2012 - 01:40

This release corrects a few bugs that are specific to 1.3 and a few bugs which have been longstanding since before the fork. Additionally pricelists are now exported in ODS format. XLS output which has been broken for some time was removed.

The most important bugfixes are that ODS output now works, and selecting from the year and month dropdowns doesn't result in bogus dates being printed at the top of the report. Additionally an internal server error when running monthly requirements reports was corrected.

Read more about LedgerSMB 1.3.18 released

How do I "undo" or reverse a payment to a vendor?

Submitted by Anonymous (not verified) on Tue, 05/22/2012 - 00:16

I have made a payment to a vendor, but entered an incorrect date, far in
the future. Consequently the payment does not show when I try to reconcile
the relevant bank statement.

How do I back-out the incorrectly entered payment?

Cash/Vouchers/Reverse Payment.

Then when you are done adding the payments you want to reverse,
approve the batch.

Read more about How do I "undo" or reverse a payment to a vendor?
Log in or register to post comments

LedgerSMB has been accepted into Debian!

Submitted by Chris Travers on Sun, 05/20/2012 - 17:25

Robert James Clay just wrote the -users list to make the following announcement:

The 1.3.15-2 package for LedgerSMB has been accepted into Debian
unstable. I expect that version of the package to migrate to Debian
testing (wheezy) by the end of this month.

LedgerSMB Debian source package page:

https://packages.qa.debian.org/l/ledgersmb.html

Read more about LedgerSMB has been accepted into Debian!
Log in or register to post comments

LedgerSMB 1.3.17 released

Submitted by Chris Travers on Sun, 05/20/2012 - 00:15

This release corrects the internal server error on tax lookup issue, and it also corrects an issue that was found in file uploads. Additionally for those running the latest Math::BigInt and Math::BigFloat packages, one is_zero issue was found and fixed. A number of more minor bugfixes are included as well.

Read more about LedgerSMB 1.3.17 released

LedgerSMB 1.3.16 has been released.

Submitted by Chris Travers on Sun, 05/06/2012 - 20:15

This release corrects a number of issues regarding international support, including an issue with UTF-8
characters not showing up properly in HTML invoices, some corrections in the aging report so that invoices are clustered by currency (with subtotals per currency), new user screen not respecting default country, and some enhancements for local tax rules support.