Sicherheit: Mangelnde Rechteprüfung in glpi
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in glpi
ID: FEDORA-2019-c36819bf25
Distribution: Fedora
Plattformen: Fedora 29
Datum: Di, 23. April 2019, 23:18
Referenzen: Keine Angabe
Applikationen: Gestion Libre de Parc Informatique


Fedora Update Notification
2019-04-23 20:13:25.293564

Name : glpi
Product : Fedora 29
Version : 9.3.4
Release : 1.fc29
URL : http://www.glpi-project.org/
Summary : Free IT asset management software
Description :
GLPI is the Information Resource-Manager with an additional Administration-
Interface. You can use it to build up a database with an inventory for your
company (computer, software, printers...). It has enhanced functions to make
the daily life for the administrators easier, like a job-tracking-system with
mail-notification and methods to build a database with basic information
about your network-topology.

Update Information:

**Version 9.3.4** This is a security release, upgrading is highly recommended
* [security] Prevent external redirections This release also fix some minor

* Thu Apr 11 2019 Remi Collet <remi@remirepo.net> - 9.3.4-1
- update to 9.3.4
* Wed Mar 27 2019 Remi Collet <remi@remirepo.net> - 9.3.3-2
- add security fix backported from 9.4.1:
[security] Bad chevrons rendering on dropdowns
[security] Iframe and forms are rendered in rich text contents
[security] Type juggling authentication bypass
[security] Malicious images upload
[security] Password token date was not reset
[security] Prevent timed attack and enforce cookie security
- add dependency on exif extension
* Tue Nov 27 2018 Remi Collet <remi@remirepo.net> - 9.3.3-1
- update to 9.3.3
* Tue Nov 6 2018 Remi Collet <remi@remirepo.net> - 9.3.2-3
- add missing dependency on elvanto/litemoji
* Mon Nov 5 2018 Remi Collet <remi@remirepo.net> - 9.3.2-1
- update to 9.3.2
- version 9.3.2 conflicts with glpi-fusioninventory < 1:9.3+1.2
see https://github.com/glpi-project/glpi/issues/4837

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-c36819bf25' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten