Security: Denial of Service Vulnerability in 1.3.20 and below

A security oversight has been discovered in LedgerSMB 1.3 which could
allow a malicious user to cause a denial of service against LedgerSMB
or otherwise affect the way in which certain forms of data would get
entered. In most cases we do not believe this to be particularly
severe in the absence of poor internal process controls. Users in
some jurisdictions however may need to take this more seriously (see
full details below).

Basic details:

Which other programming language bindings/environments would you most like to see supported?

PHP
22% (2 votes)
Python
11% (1 vote)
LISP
22% (2 votes)
Ruby
22% (2 votes)
Java
22% (2 votes)
Javascript/Node.js
0% (0 votes)
LUA
0% (0 votes)
Other
0% (0 votes)
Total votes: 9

LedgerSMB 1.3.20 has been released

The LedgerSMB core team is pleased to announce the release of LedgerSMB 1.3.20. As time has progressed, bug reports have slowed as expected, and so we have an opportunity to address issues more rough edges. This process will continue as more people continue to discuss with us what would be needed to make their lives easier with the software.

Highlights of this release include an updated Spanish (Argentina) translation, allowing customer/vendor searches to be sorted, and some technical changes to make it easier to share functionality between 1.3 and what will become 1.4, allowing users greater ability to install addons with new functionality. Additionally the user interface is a bit more polished.

Roadmap

This document looks forward from the last stable public release (currently 1.4). We hope it serves people who wonder when certain features will be implemented or where general development is headed. The document should be taken as a general direction: it is evolving and may be subject to change.

LedgerSMB 1.3.19 has been released

LedgerSMB 1.3.19 has been released. This release corrects two
significant issues and makes the application generally easier to use.
The two significant issues it fixes is that voided transactions were
including the original payments again, and that CSV exports had no
data. A large number of more minor problems were fixed including the
fact that some reports were requiring that the date be set in ISO
format, and fixed an encoding issue that caused corruption on
retrieval of some attached files (the files were stored correctly so
if anyone was having that issue, the files should now retrieve
properly).

Riverbend Community Math Center - Dean Serenevy

We are a US not-for-profit (http://riverbendmath.org/) using SQL-Ledger and LedgerSMB since 2006 (I'm not sure exactly when we made the switch). We are a small organization: ~15 part-time employees; ~$150,000 annual revenues; 2 users of the ledger. We are still using 1.2.x because my trial transition to 1.3.x did not work out as smoothly as I had hoped. Thus, I have put the transition on hold until I can give it a few days attention. As an organization we believe in and use open source software almost entirely. 

LedgerSMB 1.3.18 released

This release corrects a few bugs that are specific to 1.3 and a few bugs which have been longstanding since before the fork. Additionally pricelists are now exported in ODS format. XLS output which has been broken for some time was removed.

The most important bugfixes are that ODS output now works, and selecting from the year and month dropdowns doesn't result in bogus dates being printed at the top of the report. Additionally an internal server error when running monthly requirements reports was corrected.

Active Developer Community ?

At least three active committers and many more developers.

The ledger-smb-devel mailing list have 196 subscribers (22. Mai 2012).
Check the mailing lists at https://sourceforge.net/mail/?group_id=175965

Community: /following-and-contributing

192 subscribers (1. Nov 2011)

How do I "undo" or reverse a payment to a vendor?

I have made a payment to a vendor, but entered an incorrect date, far in
the future. Consequently the payment does not show when I try to reconcile
the relevant bank statement.

How do I back-out the incorrectly entered payment?

Cash/Vouchers/Reverse Payment.

Then when you are done adding the payments you want to reverse,
approve the batch.

Pages

Subscribe to LedgerSMB RSS