Dear all, please be aware that there is a security issue with Tryton Sao, the web client of the Tryton ERP platform.
Sao is based on jQuery 2.x, which is not maintained anymore [1]. The developers of jQuery state: <quote> jQuery 2.x is no longer maintained and contains vulnerabilities that could lead to security issues in add-ons </quote> The issue that sao is based on in between unmaintained and unsecure software components was discussed, but is unsolved up to now [2] . As all versions of sao including Tryton 4.6 are affected, there is currently no migration or upgrade path. I have disabled the build for sao packages on openSUSE until further notice. Have a good weekend Axel [1] https://bugs.tryton.org/issue7140 [2] https://bugs.tryton.org/issue5925 -- You received this message because you are subscribed to the Google Groups "tryton" group. To view this discussion on the web visit https://groups.google.com/d/msgid/tryton/25345683.jAfbSBLLbk%40southpole.
