The LedgerSMB development team is happy to announce yet another new version of its open source ERP and accounting application. This release contains the fix for security vulnerability CVE-2024-23831 which allows an attacker to create a user by tricking a setup.pl admin into clicking on a specifically crafted link. See more about this CVE on https://ledgersmb.org/cve-2024-23831-setup-csrf. Changelog for 1.10.31 * Fix GL transaction entry regressed from 1.10.29 (#7984) Changelog for 1.10.30 * Add missing batch and entity sequences to the Defaults screen (#7965) * Stop warning during startup without configuration file (#7928) * CVE-2024-23831: CSRF attack on 'setup.pl' For installation instructions and system requirements, see https://github.com/ledgersmb/LedgerSMB/blob/1.10.31/README.md The release can be downloaded from our download site at https://download.ledgersmb.org/f/Releases/1.10.31 The release can be downloaded from GitHub at https://github.com/ledgersmb/LedgerSMB/releases/tag/1.10.31 Docker images have been published for ARMv7 (32-bit), ARM64 (also known as ARMv8, e.g. RPi 3+) and AMD64. These can be pulled from the GitHub Container Registry $ docker pull ghcr.io/ledgersmb/ledgersmb:1.10.31 Or pulled from Docker Hub using the command $ docker pull ledgersmb/ledgersmb:1.10.31 These are the sha256 checksums of the uploaded files: 15920bbe05a6e37ee9f4d7fe408adb587a20ae0e8c052f20df1e2909b4c7bc51 ledgersmb-1.10.31.tar.gz e03aeecd9087bbc25673bd13ec78962509f3b265886bb0a44949bde311cb06bc ledgersmb-1.10.31.tar.gz.asc