[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Security update for LedgerSMB 1.1
- Subject: Security update for LedgerSMB 1.1
- From: "Chris Travers" <..hidden..>
- Date: Thu, 8 Mar 2007 17:31:58 -0800
Earlier today a security vulnerability was reported to us which could
allow a non-authenticated user to access administrative functions. We
have released 1.1.9 to fix this vulnerability.
Anyone who cannot upgrade is advised to put admin.pl behind some sort
of http authentication.