| New User, Welcome! Login |
SQL-Ledger patch update for SQL injection
| From: |
Chris Travers <chris metatrontech com> |
| To: |
bugtraq securityfocus com |
| Cc: |
|
| Subject: |
SQL-Ledger patch update for SQL injection |
| Date: |
Wed - Aug 24, 2011 07:23 AM |
Hi all;
We have been informed that SQL-Ledger 2.8.34 has in fact been released
patching the security hole previously reported in LedgerSMB 1.2.24 and
Lower. This is an SQL injection issue.
I haven't been been able to find a CVE listing for this yet. Secunia
has assigned this the id of SA45649 for LedgerSMB. I expect to send a
full disclosure email discussing the vulnerability in a week.
Best Wishes,
Chris Travers
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
