ledgersmb 1.6.9+ds-1ubuntu0.1 source package in Ubuntu

Changelog

ledgersmb (1.6.9+ds-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Cross-site Scripting
    - debian/patches/1.6-cve-2021-3693.patch: Fix display of search results
      and bulk-posting payments.
    - debian/patches/1.6-cve-2021-3693-regression.patch: Fix regression for
      failing to show errors as popups and broken downloads of backups.
    - debian/patches/1.6-cve-2021-3694.patch: Use escape_html to avoid
      specially crafted URL.
    - CVE-2021-3693
    - CVE-2021-3694
  * SECURITY UPDATE: Clickjacking
    - debian/patches/1.6-cve-2021-3731.patch: Set Content-Security-Policy for
      the header.
    - CVE-2021-3731

 -- Paulo Flabiano Smorigo <email address hidden>  Tue, 28 Sep 2021 14:11:37 +0000

Upload details

Uploaded by: Paulo Flabiano Smorigo
Uploaded to: Focal
Original maintainer: Ubuntu Developers
Architectures: all
Section: web
Urgency: Medium Urgency

Publishing

Series  Pocket    Published  Component  Section
Focal   updates              universe   web
Focal   security             universe   web

Builds

Focal: [FULLYBUILT] amd64

Downloads

File                                         Size      SHA-256 Checksum
ledgersmb_1.6.9+ds.orig.tar.xz               1.9 MiB   7e29702482dd84ab30caf176bbdf56b7069db488b36c921b4ff57878ab1b579b
ledgersmb_1.6.9+ds-1ubuntu0.1.debian.tar.xz  37.5 KiB  ea3410414e1559a27b61bb63bc8202e9c487c9b8dfe874239312c50f4e9d31be
ledgersmb_1.6.9+ds-1ubuntu0.1.dsc            3.3 KiB   6fe78b152a76308819ce13a8d576588c3136e96f59c34752cc5d879c3989f17c

Binary packages built by this source

ledgersmb: financial accounting and ERP program

 LedgerSMB is a full featured double-entry financial accounting and Enterprise
 Resource Planning system accessed via a web browser (Perl/JS with a PostgreSQL
 backend) which offers "Accounts Receivable", "Accounts Payable" and "General
 Ledger" tracking as well as inventory control and fixed assets handling. The
 LedgerSMB client can be a web browser or a programmed API call. The goal of
 the LedgerSMB project is to bring high quality ERP and accounting capabilities
 to Small and Midsize Businesses.
 .
 The application now defaults to being made available locally on port 5762 and
 being run directly by Starman instead of by Apache. If other access is needed,
 a Reverse Proxy can be configured locally using Apache, Nginx, Lighttpd, or
 Varnish.
 .
 For more information, please see /usr/share/doc/ledgersmb/README.Debian.