Package glpi-apache2: Information
Default inline alert: Version in the repository: 9.5.13-alt1
Binary package: glpi-apache2
Version: 9.5.11-alt1
Architecture: noarch
Build time: Dec 5, 2022, 10:42 AM in the task #310702
Source package: glpi
Category: Networking/Other
Report package bugDownload: glpi-apache2-9.5.11-alt1.noarch.rpm
Home page: http://www.glpi-project.org
License: GPLv2
Summary: Apache 2.x web-server configuration for glpi
Description:
Apache 2.x web-server configuration for glpi
Maintainer: Pavel Zilke
Last changed
Nov. 5, 2022 Pavel Zilke 9.5.11-alt1
- New version 9.5.11 - Bugfix for previouys release
Nov. 4, 2022 Pavel Zilke 9.5.10-alt1
- New version 9.5.10 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information + CVE-2022-39376 : Improper input validation on emails links + CVE-2022-39370 : Improper access to debug panel + CVE-2022-39234 : User's session persist after permanently deleting his account + CVE-2022-39262 : Stored XSS on login page + CVE-2022-39277 : XSS in external links + CVE-2022-39375 : XSS through public RSS feed + CVE-2022-39323 : SQL Injection on REST API
Sept. 14, 2022 Pavel Zilke 9.5.9-alt1
- New version 9.5.9 - This release fixes several critical security issues that has been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API + CVE-2022-31143 : Leak of sensitive information through login page error + CVE-2022-35914 : [critical] Command injection using a third-party library script + CVE-2022-35946 : SQL injection through plugin controller + CVE-2022-35947 : [critical] Authentication via SQL injection + CVE-2022-36112 : Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning