Hi Maxime, As specified at the end of the article you pointed, those vulnerabilities are fixed in Dolibarr 3.4.1:
10/06/2013 - Vendor notified of remotely exploitable vulnerabilities 10/07/2013 - Vendor acknowledges vulnerability, no timeline provided 10/11/2013 - Vendor states fix will be in the 3.4.1 release within the month 10/14/2013 - 3.4.1 released with patch. This advisory released -- Laurent Léonard Le jeudi 17 octobre 2013 16:20:33 Maxime Kohlhaas a écrit : > Hi all, > > I just have been informed about this article : > http://forelsec.blogspot.fr/2013/10/dolibarr-340-multiple-vulnerabilities.ht > ml > > I'll take a look into it ASAP but I wanted to share this with you first. > > Regards, > > -- > *Maxime Kohlhaas > Consultant associé > **ATM Consulting* > *+33 6 33 42 92 43* _______________________________________________ Dolibarr-dev mailing list Dolibarr-dev@nongnu.org https://lists.nongnu.org/mailman/listinfo/dolibarr-dev
