File _patchinfo of Package patchinfo.6108

<patchinfo incident="6108">
  <issue id="1016817" tracker="bnc">GNU Health update to 3.0.5</issue>
  <issue id="1016885" tracker="bnc">CVE-2016-1241: tryton,trytond: password hashes leak to authenticated users</issue>
  <issue id="1016886" tracker="bnc">CVE-2016-1242: tryton,trytond: admin user able to access all files on system</issue>
  <issue id="2016-1241" tracker="cve"/>
  <issue id="2016-1242" tracker="cve"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>DocB</packager>
  <description>
This update provides version 3.0.5 of GNU Health including several fixes and improvements.

- Update to ICD10 version 2016.
- Fix error when printing prescription using review dates.
- Fix error on summary report when no date of birth is assigned to the person.

Additionally the following dependencies have been updated:

tryton:

- Update to 3.8.12.
- Sanitize path in file open. (boo#1016886, CVE-2016-1242)
- Prevent read of user password hash. (boo#1016885, CVE-2016-1241)

trytond:

- Update to 3.8.9.
- Sanitize path in file open. (boo#1016886, CVE-2016-1242)
- Prevent read of user password hash. (boo#1016885, CVE-2016-1241)

trytond_account:

- Update to 3.8.5.

trytond_account_invoice:

- Update to 3.8.4.

trytond_stock:

- Update to 3.8.4.

trytond_stock_lot:

- Update to 3.8.1.

porteus:

- Update to 3.8.5.
</description>
  <summary>Security update for GNU Health and it's dependencies</summary>
</patchinfo>
openSUSE Build Service is sponsored by