[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Health] Security warning for Tryton-sao

From: Axel Braun
Subject: [Health] Security warning for Tryton-sao
Date: Thu, 08 Mar 2018 22:44:58 +0100

Dear all,

please be aware that there is a security issue with Tryton Sao, the web client 
of the Tryton ERP platform.

Sao is based on jQuery 2.x, which is not maintained anymore [1].

The developers of jQuery state:
jQuery 2.x is no longer maintained and contains vulnerabilities that could 
lead to security issues in add-ons

The issue that sao is based on in between unmaintained and unsecure software 
components was discussed, but is unsolved up to now [2] .

As all versions of sao including Tryton 4.6 are affected, there is currently 
no migration or upgrade path.

I have disabled the build for sao packages on openSUSE until further notice. 

Have a good weekend


reply via email to

[Prev in Thread] Current Thread [Next in Thread]