Package glpi: Information
Default inline alert: Version in the repository: 9.5.13-alt1
Source package: glpi
Version: 9.5.12-alt1
Build time: Mar 29, 2023, 06:05 PM in the task #317348
Category: Networking/Other
Report package bugHome page: http://www.glpi-project.org
License: GPLv2
Summary: IT and asset management software
Description:
GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology.
Maintainer: Pavel Zilke
Last changed
March 18, 2023 Pavel Zilke 9.5.12-alt1
- New version 9.5.12 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2023-22722 : XSS on browse views + CVE-2023-22725 : XSS on external links + CVE-2023-23610 : Unauthorized access to data export + CVE-2022-41941 : Stored XSS inside Standard Interface Help Link href attribute
Nov. 5, 2022 Pavel Zilke 9.5.11-alt1
- New version 9.5.11 - Bugfix for previouys release
Nov. 4, 2022 Pavel Zilke 9.5.10-alt1
- New version 9.5.10 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information + CVE-2022-39376 : Improper input validation on emails links + CVE-2022-39370 : Improper access to debug panel + CVE-2022-39234 : User's session persist after permanently deleting his account + CVE-2022-39262 : Stored XSS on login page + CVE-2022-39277 : XSS in external links + CVE-2022-39375 : XSS through public RSS feed + CVE-2022-39323 : SQL Injection on REST API