Пакет glpi-php8.1: Информация
Default inline alert: Версия в репозитории: 10.0.15-alt1
Бинарный пакет: glpi-php8.1
Версия: 10.0.7-alt1
Архитектура: noarch
Собран: 15 мая 2023 г. 11:22 в задании #320515
Исходный пакет: glpi
Категория: Сети/Прочее
Сообщить об ошибке в пакетеЗагрузка: glpi-php8.1-10.0.7-alt1.noarch.rpm
Домашняя страница: http://www.glpi-project.org
Лицензия: GPLv3
О пакете: PHP8.1 dependencies for glpi
Описание:
php8.1 dependencies for glpi
Сопровождающий: Pavel Zilke
Последнее изменение
13 мая 2023 г. Pavel Zilke 10.0.7-alt1
- New version 10.0.7 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2023-28849 : SQL injection and Stored XSS via inventory agent request + CVE-2023-28632 : Account takeover by authenticated user + CVE-2023-28838 : SQL injection through dynamic reports + CVE-2023-28852 : Stored XSS through dashboard administration + CVE-2023-28636 : Stored XSS on external links + CVE-2023-28639 : Reflected XSS in search pages + CVE-2023-28634 : Privilege Escalation from technician to super-admin + CVE-2023-28633 : Blind Server-Side Request Forgery (SSRF) in RSS feeds
24 января 2023 г. Pavel Zilke 10.0.6-alt1
- New version 10.0.6 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2023-22500 : Unauthorized access to inventory files + CVE-2023-22722 : XSS on browse views + CVE-2023-22725 : XSS on external links + CVE-2023-22724 : XSS in RSS Description Link + CVE-2023-23610 : Unauthorized access to data export + CVE-2022-41941 : Stored XSS inside Standard Interface Help Link href attribute - Added glpi-php8.2
4 ноября 2022 г. Pavel Zilke 10.0.5-alt1
- New version 10.0.5 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information + CVE-2022-39373 : Stored XSS in entity name + CVE-2022-39376 : Improper input validation on emails links + CVE-2022-39370 : Improper access to debug panel + CVE-2022-39234 : User's session persist after permanently deleting his account + CVE-2022-39262 : Stored XSS on login page + CVE-2022-39277 : XSS in external links + CVE-2022-39375 : XSS through public RSS feed + CVE-2022-39323 : SQL Injection on REST API + CVE-2022-39371 : Stored XSS through asset inventory