Package glpi: Information

    Source package: glpi
    Version: 9.5.13-alt1
    Build time:  Sep 3, 2023, 10:14 PM
    Category: Networking/Other
    Report package bug
    License: GPLv2
    Summary: IT and asset management software
    GLPI is the Information Resource-Manager with an additional Administration-
    You can use it to build up a database with an inventory for your company
    (computer, software, printers...).
    It has enhanced functions to make the daily life for the administrators easier,
    like a job-tracking-system with mail-notification and methods to build a
    database with basic information about your network-topology.

    List of rpms provided by this srpm:
    glpi (noarch)
    glpi-apache2 (noarch)
    glpi-php7 (noarch)

    Maintainer: Pavel Zilke

    List of contributors:
    Pavel Zilke

      1. rpm-macros-webserver-common

    Last changed

    May 27, 2023 Pavel Zilke 9.5.13-alt1
    - New version 9.5.13
    - This release fixes several security issues that have been recently discovered. Update is recommended!
    - Security fixes:
     + CVE-2023-28632 : Account takeover by authenticated user
     + CVE-2023-28838 : SQL injection through dynamic reports
     + CVE-2023-28852 : Stored XSS through dashboard administration
     + CVE-2023-28636 : Stored XSS on external links
     + CVE-2023-28639 : Reflected XSS in search pages
     + CVE-2023-28634 : Privilege Escalation from technician to super-admin
     + CVE-2023-28633 : Blind Server-Side Request Forgery (SSRF) in RSS feeds
    March 18, 2023 Pavel Zilke 9.5.12-alt1
    - New version 9.5.12
    - This release fixes several security issues that has been recently discovered. Update is recommended!
    - Security fixes:
     + CVE-2023-22722 : XSS on browse views
     + CVE-2023-22725 : XSS on external links
     + CVE-2023-23610 : Unauthorized access to data export
     + CVE-2022-41941 : Stored XSS inside Standard Interface Help Link href attribute
    Nov. 5, 2022 Pavel Zilke 9.5.11-alt1
    - New version 9.5.11
    - Bugfix for previouys release