Security update for tryton
This update for tryton to version 4.2.19 fixes the following issues:
Security issue fixed:
- CVE-2018-19443: Fixed an information leakage by attemping to initiate an
unencrypted connection, which would fail eventually, but might leak session
information of the user (boo#1117105)
This update also contains newer versions of tryton related packages with general bug fixes and updates:
- trytond 4.2.17
- trytond_account 4.2.10
- trytond_account_invoice 4.2.7
- trytond_purchase_request 4.2.4
- trytond_stock 4.2.8
- trytond_stock_supply 4.2.3
-
Submitted by
Axel Braun (DocB)
Fixed bugs
bnc#1117105
VUL-1: CVE-2018-19443: tryton: The client tries to make a connection to the bus in cleartext instead of encrypted under certain circumstances
