Stay Secure with the Latest Linux Advisories

security advisoryfedoracritical

Fedora 10: 2009:1147-1 Critical: GLPI SQL Injection Issue Resolution

Upstream Changelog : Version 0.71.5 - Regression on list order Version 0.71.4 - [SECURITY] SQL injection problem - Manage UTF8 filename - Search Engine fails for Computer / Peripheral - Error in VNC display on report infocom - RDV are note display in the planning. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-1147 2009-01-29 22:31:30 --------------------------------------------------------------------------------Name : glpi Product : Fedora 10 Version : 0.71.5 Release : 1.fc10 URL : https://www.glpi-project.org/en/ Summary : Free IT asset management software Description : GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. --------------------------------------------------------------------------------Update Information: Upstream Changelog : Version 0.71.5 - Regression on list order Version 0.71.4 - [SECURITY] SQL injection problem - Manage UTF8 filename - Search Engine fails for Computer / Peripheral - Error in VNC display on report infocom - RDV are note display in the planning --------------------------------------------------------------------------------ChangeLog: * Mon Jan 26 2009 Remi Collet - 0.71.5-1 - update to 0.71.5 (Fix regression in 0.71.4) * Mon Jan 26 2009 Remi Collet - 0.71.4-1 - update to 0.71.4 (Security Release) --------------------------------------------------------------------------------References: [ 1 ] Bug #481558 - glpi: multiple SQL injection flaws https://bugzilla.redhat.com/show_bug.cgi?id=481558 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update glpi' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . GLPI's recent enhancements target security vulnerabilities and augment asset oversight for Fedora 10, streamlining administrative functions.. Fedora Update, GLPI Software, SQL Injection Fix, IT Asset Management. . Severity: Critical. LinuxSecurity.com Team

Jan 29, 2009 •Critical Fedora