Сопровождающий Pavel Zilke в ветке sisyphus_loongarch64: Информация

Имя сопровождающего: Pavel Zilke (zidex)
Собрано source пакетов в данной ветке: 4

Последние изменения


9 ноября 2024 г. 1:25

glpi

Версия: 10.0.17-alt1
О пакете: IT and asset management software
Изменения:
- New version 10.0.17
- Added glpi-php8.3
- This release fixes a security issue that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2024-50339 : Unauthenticated session hijacking
 + CVE-2024-40638 : Account takeover through SQL injection
 + CVE-2024-43416 : Users email enumeration by unauthenticated user
 + CVE-2024-47758 : Account takeover without privilege escalation through the API
 + CVE-2024-47761 : Account takeover via the password reset feature
 + CVE-2024-47760 : Account takeover via API
 + CVE-2024-48912 : Insecure account deletion by authenticated user
 + CVE-2024-45608 : Authenticated SQL Injection
 + CVE-2024-41679 : Authenticated SQL injection in ticket form
 + CVE-2024-45611 : Stored XSS in RSS feeds
 + CVE-2024-47759 : Stored XSS via document upload
 + CVE-2024-43417 : Reflected XSS
 + CVE-2024-43418 : Reflected XSS
 + CVE-2024-45609 : Reflected XSS
 + CVE-2024-45610 : Reflected XSS
 + CVE-2024-41678 : Reflected XSS
30 октября 2024 г. 8:02

ocsinventory-agent

Версия: 2.10.4-alt1
О пакете: Hardware and software inventory tool (Agent)
Изменения:
- New version.
4 января 2024 г. 12:09

itop

Версия: 3.1.1.1-alt1
О пакете: IT Operations Portal («Портал IT-операций»)
Изменения:
- New version 3.1.1.1
- Security fixes:
 + CVE-2023-48710 : Restrict pages/exec.php to PHP files
 + CVE-2023-48709 : Fix CSV injection in Excel from an iTop CSV export file
 + CVE-2023-46734 : Fix potential XSS vulnerabilities in TWIG CodeExtension filters
 + CVE-2023-47123 : Fix XSS vulnerability in n:n relations "tagset" widget
 + CVE-2023-47622 : Fix XSS vulnerabilities in ajax operations
 + CVE-2023-47626 : Fix XSS vulnerabilities in authent token
 + CVE-2023-44396 : Fix XSS vulnerabilities in dashlet ajax operations
 + CVE-2023-43790 : Fix XSS vulnerabilities in friendlyname in object details
 + CVE-2023-38511 : Fix dashboard allowing to load multiple files and urls
 + CVE-2023-45808 : Fix object creation in non allowed org by forging http query in both Console and Portal
23 октября 2023 г. 3:13

perl-XML-Entities

Версия: 1.0002-alt3
О пакете: XML::Entities - Decode strings with XML entities
Изменения:
- fixed unpackaged files