- New version 10.0.6
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-22500 : Unauthorized access to inventory files
 + CVE-2023-22722 : XSS on browse views
 + CVE-2023-22725 : XSS on external links
 + CVE-2023-22724 : XSS in RSS Description Link
 + CVE-2023-23610 : Unauthorized access to data export
 + CVE-2022-41941 : Stored XSS inside Standard Interface Help Link href attribute
- Added glpi-php8.2

- New version 10.0.4
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2022-39276 : Blind SSRF in RSS feeds and planning
 + CVE-2022-39372 : Stored XSS in user information
 + CVE-2022-39373 : Stored XSS in entity name
 + CVE-2022-39376 : Improper input validation on emails links
 + CVE-2022-39370 : Improper access to debug panel
 + CVE-2022-39234 : User's session persist after permanently deleting his account
 + CVE-2022-39262 : Stored XSS on login page
 + CVE-2022-39277 : XSS in external links
 + CVE-2022-39375 : XSS through public RSS feed
 + CVE-2022-39323 : SQL Injection on REST API
 + CVE-2022-39371 : Stored XSS through asset inventory

- New version 10.0.3
- This release fixes several critical security issues that has been recently discovered. Update is strongly recommended!
- Security fixes:
 + CVE-2022-35945 : XSS through registration API
 + CVE-2022-31143 : Leak of sensitive information through login page error
 + CVE-2022-31187 : Stored XSS through global search (CVE-2022-31187)
 + CVE-2022-35914 : [critical] Command injection using a third-party library script
 + CVE-2022-35946 : SQL injection through plugin controller
 + CVE-2022-35947 : [critical] Authentication via SQL injection
 + CVE-2022-36112 : Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning

- New version 10.0.2
- This is a security release, upgrading is recommended
- Security fixes:
 + CVE-2022-31061 : Unauthenticated SQL injection on login page
 + CVE-2022-31056 : SQL injection on actor part in assistance forms
 + CVE-2022-31068 : Unauthenticated Sensitive Data Exposure on Refused Inventory Files

- New version 10.0.1
- This is a security release, upgrading is recommended
- The GLPI licence has been moved to GPLv3+

- New version 10.0.0
- Added glpi-php8.0
- Added glpi-php8.1

- New version 9.5.7
- This is a security release, upgrading is recommended
- Security fixes:
 + CVE-2022-21720 : SQL injection using custom CSS administration form
 + CVE-2022-21719 : Reflected XSS using reload button

- New version 9.5.6
- This is a security release, upgrading is recommended
- Security fixes:
 + CVE-2021-39211 : Disclosure of GLPI and server informations in telemetry endpoint
 + CVE-2021-39210 : Autologin cookie accessible by scripts
 + CVE-2021-39209 : Bypassable CSRF protection on ajax endpoints
 + CVE-2021-39213 : Bypassable IP restriction on GLPI API using custom header injection

- New version 9.5.5
- This is a security release, upgrading is recommended
- Security fixes:
 + CVE-2021-3486 : Stored XSS in plugins information

- New version 9.5.4
- This is a security release, upgrading is recommended
- Security fixes:
 + CVE-2021-21326 : Horizontal Privilege Escalation
 + CVE-2021-21255 : entities switch IDOR
 + CVE-2021-21258 : XSS injection in ajax/kanban
 + CVE-2021-21314 : XSS injection on ticket update
 + CVE-2021-21312 : Stored XSS on documents
 + CVE-2021-21313 : XSS on tabs
 + CVE-2021-21325 : Stored XSS in budget type
 + CVE-2021-21327 : Unsafe Reflection in getItemForItemtype()
 + CVE-2021-21324 : Insecure Direct Object Reference (IDOR) on "Solutions"

- New version 9.5.3
- This is a security release, upgrading is recommended
- Security fixes:
 + CVE-2020-27662 : Insecure Direct Object Reference on ajax/comments.php
 + CVE-2020-27663 : Insecure Direct Object Reference on ajax/getDropdownValue.php
 + CVE-2020-26212 : Any CalDAV calendars is read-only for every authenticated user

- Fixed spec

- New version 9.4.6
- This is a security release, upgrading is highly recommended

- New version 2.6.3
- Security fixes:
+ CVE-2019-19821 : Improper Privilege Management
- Removed Python requirements

- New version 9.4.5

- New version 9.4.2
- This is a security release, upgrading is highly recommended

- New version 9.4.2
- This is a security release, upgrading is highly recommended

- New version 2.6.1

- New version 9.4.1

- New version 2.6.0
- Added PHP7 support
- Deleted PHP5 support
- Deleted Apache1 support

- Deleted glpi-php5

- New version 9.4.0

- Fixed glpi-apache2 postun

- New verion 9.3.3
- PHP7 support

- Delete glpi-apache

- New version 9.1.2

- Conf for Apache2 moved to sites-available

- New version 0.90.5

- This version correct several minor bugs.

- This version correct several minor bugs.

- New version 2.1.0

- This version fix several minor bugs and a security bug

- This version fix several minor bugs and a security bug.

- New version 0.84.5 This version correct several minor bugs.

- New version 2.0.2

- New version 0.84.5 This version correct several minor bugs.

- New version 0.84.4 This version correct several minor bugs.

- New version 0.84.3

- Security fixes:
 + CVE-2013-5696 : SQL Injection, PHP Code Execution, CSRF

- Initial build for ALT Linux

- New version 0.84.1

- New version 0.84