Пакет glpi: Информация

  • Default inline alert: Версия в репозитории: 9.5.13-alt1

Исходный пакет: glpi
Версия: 9.5.11-alt1
Собран:  5 декабря 2022 г. 10:42 в задании #310702
Категория: Сети/Прочее
Сообщить об ошибке в пакете
Домашняя страница: http://www.glpi-project.org

Лицензия: GPLv2
О пакете: IT and asset management software
Описание: 
GLPI is the Information Resource-Manager with an additional Administration-
Interface.
You can use it to build up a database with an inventory for your company
(computer, software, printers...).
It has enhanced functions to make the daily life for the administrators easier,
like a job-tracking-system with mail-notification and methods to build a
database with basic information about your network-topology.

Список rpm-пакетов, предоставляемых данным srpm-пакетом:
glpi (noarch)
glpi-apache2 (noarch)
glpi-php7 (noarch)

Сопровождающий: Pavel Zilke

Список участников:
Pavel Zilke

    1. rpm-macros-webserver-common

Последнее изменение


5 ноября 2022 г. Pavel Zilke 9.5.11-alt1
- New version 9.5.11
- Bugfix for previouys release
4 ноября 2022 г. Pavel Zilke 9.5.10-alt1
- New version 9.5.10
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2022-39276 : Blind SSRF in RSS feeds and planning
 + CVE-2022-39372 : Stored XSS in user information
 + CVE-2022-39376 : Improper input validation on emails links
 + CVE-2022-39370 : Improper access to debug panel
 + CVE-2022-39234 : User's session persist after permanently deleting his account
 + CVE-2022-39262 : Stored XSS on login page
 + CVE-2022-39277 : XSS in external links
 + CVE-2022-39375 : XSS through public RSS feed
 + CVE-2022-39323 : SQL Injection on REST API
14 сентября 2022 г. Pavel Zilke 9.5.9-alt1
- New version 9.5.9
- This release fixes several critical security issues that has been recently discovered. Update is strongly recommended!
- Security fixes:
 + CVE-2022-35945 : XSS through registration API
 + CVE-2022-31143 : Leak of sensitive information through login page error
 + CVE-2022-35914 : [critical] Command injection using a third-party library script
 + CVE-2022-35946 : SQL injection through plugin controller
 + CVE-2022-35947 : [critical] Authentication via SQL injection
 + CVE-2022-36112 : Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning