[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Ledger1.1.10 released
- Subject: Ledger1.1.10 released
- From: "Chris Travers" <..hidden..>
- Date: Fri, 16 Mar 2007 14:29:08 -0700
A new security issue has been discovered in LedgerSMB 1.1.10 allowing
for arbitrary execution of pre-existing perl scripts due to failure to
check input properly. This has been corrected in 1.1.10. The scope
of this vulnerability are such that all users of 1.1.x should upgrade
as soon as possible. 1.2.x is not affected.
Best Wishes,
Chris Travers