Hi all; LedgerSMB 1.2.25 has been released. This code has been reviewed for a the type of SQL injection issues recently reported and all questionable cases addressed. While some cases are believed to be exploitable, others have been fixed as a mere precaution.
SQL injection issues on 1.2.x should generally be presumed to be severe unless we offer reasons otherwise. Users 1.2.x are advised to upgrade as soon as possible. Best Wishes, Chris Travers ------------------------------------------------------------------------------ uberSVN's rich system and user administration capabilities and model configuration take the hassle out of deploying and managing Subversion and the tools developers use with it. Learn more about uberSVN and get a free download at: http://p.sf.net/sfu/wandisco-dev2dev _______________________________________________ Ledger-smb-users mailing list Ledger-smb-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ledger-smb-users
