[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security update for LedgerSMB 1.1

Subject: Security update for LedgerSMB 1.1
From: "Chris Travers" <..hidden..>
Date: Thu, 8 Mar 2007 17:31:58 -0800

Hi;

Earlier today a security vulnerability was reported to us which could
allow a non-authenticated user to access administrative functions.  We
have released 1.1.9 to fix this vulnerability.

Anyone who cannot upgrade is advised to put admin.pl behind some sort
of http authentication.

Best Wishes,
Chris Travers

Follow-Ups:
- Re: Security update for LedgerSMB 1.1
  - From: Matt Jackson

Prev by Date: Re: Followup -- one more LedgerSMB question
Next by Date: Re: Security update for LedgerSMB 1.1
Previous by thread: Questions about LedgerSMB
Next by thread: Re: Security update for LedgerSMB 1.1
Index(es):
- Date
- Thread