Package glpi: Information
Source package: glpi
Version: 9.5.13-alt1
Build time: Sep 3, 2023, 10:14 PM
Category: Networking/Other
Report package bugHome page: http://www.glpi-project.org
License: GPLv2
Summary: IT and asset management software
Description:
GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology.
Maintainer: Pavel Zilke
Last changed
May 27, 2023 Pavel Zilke 9.5.13-alt1
- New version 9.5.13 - This release fixes several security issues that have been recently discovered. Update is recommended! - Security fixes: + CVE-2023-28632 : Account takeover by authenticated user + CVE-2023-28838 : SQL injection through dynamic reports + CVE-2023-28852 : Stored XSS through dashboard administration + CVE-2023-28636 : Stored XSS on external links + CVE-2023-28639 : Reflected XSS in search pages + CVE-2023-28634 : Privilege Escalation from technician to super-admin + CVE-2023-28633 : Blind Server-Side Request Forgery (SSRF) in RSS feeds
March 18, 2023 Pavel Zilke 9.5.12-alt1
- New version 9.5.12 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2023-22722 : XSS on browse views + CVE-2023-22725 : XSS on external links + CVE-2023-23610 : Unauthorized access to data export + CVE-2022-41941 : Stored XSS inside Standard Interface Help Link href attribute
Nov. 5, 2022 Pavel Zilke 9.5.11-alt1
- New version 9.5.11 - Bugfix for previouys release