Syndicate content
bcwilson's picture

Heartbleed -- the xTuple Response

HeartbleedEarlier this week, security experts revealed a significant flaw in a widely used Internet security product called OpenSSL. The bug, called Heartbleed, is a vulnerability in systems that use OpenSSL to encrypt information over SSL connections. OpenSSL is used on about two-thirds of the Internet servers in the world, so the impact of this bug is very widespread. The existence of this bug does not mean that any specific private information has in fact been stolen, but it does mean that it could have been stolen, and all sites that employ the OpenSSL encryption library must implement a security patch immediately, as well as perform a number of other security-related updates, to protect against Heartbleed.

xTuple has taken the following actions to update our servers, secure our data, and protect our customers:

  1. The day after the information on Heartbleed was released, xTuple replaced the OpenSSL code on our servers with an updated version that does not contain the bug.
  2. We have revoked and reissued all SSL certificates for our servers, to remove any lingering vulnerability.
  3. We are informing our user community of our actions and recommending that you update your passwords.

What should you do?

This is not fun, we know, but the potential impact of this bug is quite serious and affects thousands of websites around the Internet, including ours. Now that we have updated our SSL certificates, you should update the passwords you use to connect to xTuple sites and services. You should also update any passwords you use to connect to any other Internet service, including Google, Facebook, Amazon, etc., as they all have been affected by this bug.

Want to know more?

If you want to learn more about Heartbleed, read the information posted by Codenomicon, the security firm that first exposed this bug.

 Read more »

MissySchmidt's picture

Bigger, Better xTupleCon for 2014 - Special Community Pricing through April 30

xTupleCon14 save-the-dateYou asked for bigger and better. And we listened! Now, you're getting the biggest, and best, conference that the "innovation corridor" of downtown Norfolk, Virginia (USA), has to offer!

Registration is now open for xTuple Community-Only Pricing. Save 35% off with the Ultimate Combo Pass by registering before April 30, 2014. Don't miss out on your opportunity to save your seat, save money and maximize your xTuple investment.

Frequently Asked Questions | FAQs

jrogelstad's picture

To free or not too free, that is the question

To be more specific ... the question we would like help answering is would xTuple be better off changing the CPAL license on its core PostBooks project to the GPL license, or an extremely permissive license like BSD or MIT?

Anyone who works with open source software knows that one of the most-discussed aspects of an open source project is its license. The license of a project you incorporate into your own can impact the licensing of your own software. This is because licensing can dictate not only the legal terms under which the code you are incorporating must be distributed, but the legal terms under which the entire body of code into which it was merged must be distributed.

There is something of a religious debate about what the "free" in free and open source software (FOSS) means.  Let's dive in...

 Read more »

jgunderson's picture

Easily visualize your data with Sales Analysis Dashboard

While we work to integrate Business Intelligence (BI) with the Mobile Web client, it is available now to help you understand your sales performance. Since it's fully integrated into the xTuple Mobile Web client, it's not only easy to use, you're not forced to deal with a separate system.

It's a powerful analysis tool to help you explore and visualize your data, and it's pre-loaded with a number of sales measures to help you evaluate current status and to review trends. For example: Read more »

wtonra's picture

xTuple for Macs and Mobile featured at Macworld 2014

xTuple ERP for Mac - Mobile Web appIt’s almost that time of year again – Macworld/iWorld! Attending this “best place for all things Apple” conference is just one of the highlights of my year. It gives me a chance to meet face-to-face with Mac-lovers worldwide to talk about solutions we have at xTuple for their business.

Whether you’re a manufacturer, distributor, or manage a bit of both worlds, I’m looking forward to letting you “test drive” the xTuple Mobile Web application. You’ll have a chance to see Read more »

lnichols's picture

Start Developing for the xTuple Mobile Web with One Command

Setting up enterprise software can be complicated, especially considering all the unknown variables that can exist in different operating systems and with software installed on that operating system. At xTuple, we've determined the best way to ensure a successful and consistent setup is to make sure every installation is configured the same way, regardless of the local operating system. The easiest way to provide an isolated, reproducible “sandbox” for software development is through  Read more »

ned's picture

Sexy and we know it

We recently had a nice writeup from Jay Lyman of the 451 Group, a technology research shop. The second paragraph begins, "Enterprise ERP still isn't sexy, but xTuple makes things more interesting by...."

Got your attention yet? :) Read more »

rmurchake's picture

Top technology plans for Distributors in 2014

In a recent webinar hosted by Modern Distribution Management magazine, distributors of all sizes were asked where they were investing technology dollars in 2014. The top three areas of spend were: Read more »

tjwebb's picture

Continuous Integration in Action at xTuple

A Common Language

We wouldn't have become the World's #1 Open-Source ERP if we didn't already work harder than everyone else to test our software. And we're always looking for ways to work smarter as well. xTuple's new Mobile Web Client currently automatically tests itself to validate new features and detect regressions. Developers can press a button to verify that complex business logic meets specification. Read more »

bcwilson's picture

How to get the most out of your xTuple Free Trial in the cloud

xTuple Cloud

You have a good reason for starting a Free Trial of xTuple. Perhaps your company has been running QuickBooks, and now you need something more powerful to handle the complexities of your business. Or you are running on a moribund ERP or accounting package (Sage, anyone?), and you need to find a new platform with a brighter future. You've heard that xTuple offers greater extensibility and control, and now you're ready to take a look at the product.

 Read more »

 

mead