[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
LedgerSMB 1.2.25 released
- Subject: LedgerSMB 1.2.25 released
- From: Chris Travers <..hidden..>
- Date: Mon, 22 Aug 2011 15:04:09 -0700
LedgerSMB 1.2.25 has been released. This code has been reviewed for a
the type of SQL injection issues recently reported and all
questionable cases addressed. While some cases are believed to be
exploitable, others have been fixed as a mere precaution.
SQL injection issues on 1.2.x should generally be presumed to be
severe unless we offer reasons otherwise.
Users 1.2.x are advised to upgrade as soon as possible.