references/openproject
1
0
Fork 0
mirror of https://github.com/opf/openproject.git synced 2026-06-14 03:30:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
dependabot/github_actions/dev/actions/create-github-app-token-3.2.0
openproject/docs/release-notes/17-0-7
T
History
Oliver Günther 9867c94585 Update security fixes
2026-03-31 08:48:15 +02:00
..
README.md
Update security fixes
2026-03-31 08:48:15 +02:00

README.md

title, sidebar_navigation, release_version, release_date
title sidebar_navigation release_version release_date
OpenProject 17.0.7
title
17.0.7
17.0.7 2026-03-31

OpenProject 17.0.7

Release date: 2026-03-31

We released OpenProject OpenProject 17.0.7. The release contains several bug fixes and we recommend updating to the newest version. Below you will find a complete list of all changes and bug fixes.

Security fixes

CVE-2026-34717 - SQL Injection in Cost Reporting =n Operator via parse_number_string

The =n operator in cost reports did not appropriately treat user input

This vulnerability was reported by user Ochk0 through a GitHub security advisory. Thank you for responsibly disclosing your findings.

For more information, please see the GitHub advisory #GHSA-5rrm-6qmq-2364

Bug fixes and changes

Reference in New Issue View Git Blame Copy Permalink