Fedora: 2009-1092 Critical: GLPI SQL Injection Flaw Addressed

GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your

company (computer, software, printers...). It has enhanced functions to make

the daily life for the administrators easier, like a job-tracking-system with

mail-notification and methods to build a database with basic information

about your network-topology.

Upstream Changelog : Version 0.71.5 - Regression on list order Version

0.71.4 - [SECURITY] SQL injection problem - Manage UTF8 filename - Search

Engine fails for Computer / Peripheral - Error in VNC display on report infocom

- RDV are note display in the planning

* Mon Jan 26 2009 Remi Collet - 0.71.5-1

- update to 0.71.5 (Fix regression in 0.71.4)

* Mon Jan 26 2009 Remi Collet - 0.71.4-1

- update to 0.71.4 (Security Release)

[ 1 ] Bug #481558 - glpi: multiple SQL injection flaws

https://bugzilla.redhat.com/show_bug.cgi?id=481558

su -c 'yum update glpi' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/