Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
89
security advisorysoftware updateFedoraFedora 22: GLPI 0.90.3 Security Update - Minor Issues Handled
**Version 0.90.3** * security update to prevent a minor vulnerability * fix issues with post-only ticket form See [changelog](https://github.com/glpi-project/glpi/issues?q=milestone:0.90.3) for more details. ---- **Version 0.90.2** Include bugfixes and some minor features : * An alert in central page when some of your mysql tables are marked as crashed * A better . -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-657a4a658e 2016-04-21 21:26:59.080086 -------------------------------------------------------------------------------- Name : glpi Product : Fedora 22 Version : 0.90.3 Release : 1.fc22 URL : https://www.glpi-project.org/en/ Summary : Free IT asset management software Description : GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. -------------------------------------------------------------------------------- Update Information: **Version 0.90.3** * security update to prevent a minor vulnerability * fix issues with post-only ticket form See [changelog](https://github.com/glpi-project/glpi/issues?q=milestone:0.90.3) for more details. ---- **Version 0.90.2** Include bugfixes and some minor features : * An alert in central page when some of your mysql tables are marked as crashed * A better flexibility in splitted layout for small screens * More fields in Search- engine (Document comments, ticket id for Changes) * Redirect to previous page after a profile switching (when it is possible) * An icon for default document type * A better compatibility when collecting emails from office365 See[changelog](https://github.com/glpi-project/glpi/issues?q=milestone:0.90.2) This package also fix the logrotate configuration. -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update glpi' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 20, 2024
Fedora
89
security advisorysoftware updateFedoraFedora 24 Update: GLPI Security Fix For Minor IT Management Issues
**Version 0.90.3** * security update to prevent a minor vulnerability * fix issues with post-only ticket form See [changelog](https://github.com/glpi-project/glpi/issues?q=milestone:0.90.3) for more details. ---- **Version 0.90.2** Include bugfixes and some minor features : * An alert in central page when some of your mysql tables are marked as crashed * A better . -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-9db4add326 2016-04-17 23:40:12.300984 -------------------------------------------------------------------------------- Name : glpi Product : Fedora 24 Version : 0.90.3 Release : 1.fc24 URL : https://www.glpi-project.org/en/ Summary : Free IT asset management software Description : GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. -------------------------------------------------------------------------------- Update Information: **Version 0.90.3** * security update to prevent a minor vulnerability * fix issues with post-only ticket form See [changelog](https://github.com/glpi-project/glpi/issues?q=milestone:0.90.3) for more details. ---- **Version 0.90.2** Include bugfixes and some minor features : * An alert in central page when some of your mysql tables are marked as crashed * A better flexibility in splitted layout for small screens * More fields in Search- engine (Document comments, ticket id for Changes) * Redirect to previous page after a profile switching (when it is possible) * An icon for default document type * A better compatibility when collecting emails from office365 See[changelog](https://github.com/glpi-project/glpi/issues?q=milestone:0.90.2) This package also fix the logrotate configuration. -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update glpi' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 20, 2024
•Important
Fedora
203
security advisorysecurity issuebug fixMageia: 2020-0052 Moderate: GLPI Security Update with Bug Fixes
The glpi package has been updated to version 9.4.5, fixing several bugs and security issues. See the upstream announcements for details. References: - https://bugs.mageia.org/show_bug.cgi?id=25931 . MGASA-2020-0052 - Updated glpi packages fix security vulnerabilities Publication date: 28 Jan 2020 URL: https://advisories.mageia.org/MGASA-2020-0052.html Type: security Affected Mageia releases: 7 The glpi package has been updated to version 9.4.5, fixing several bugs and security issues. See the upstream announcements for details. References: - https://bugs.mageia.org/show_bug.cgi?id=25931 - https://github.com/glpi-project/glpi/releases/tag/9.4.3 - https://github.com/glpi-project/glpi/releases/tag/9.4.4 - https://github.com/glpi-project/glpi/releases/tag/9.4.5 - https://lists.fedoraproject.org/archives/list/
Jan 28, 2020
Mageia
89
security advisorycriticalsoftware updateFedora: 2019-311441d430 Critical: GLPI Security Update for Fedora 31
**GLPI version 9.4.4** This is a **security release**, upgrading is highly recommended Non exhaustive list of changes: * [security] Prevent account takeover vulnerability , * [security] Prevent execution of XSS on rich text, * fix cache key lenght issues, * fix user picture removal at login, * several fixes on recurring tickets, * fix some transfer errors related to. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-311441d430 2019-10-03 00:35:33.619016 --------------------------------------------------------------------------------Name : glpi Product : Fedora 31 Version : 9.4.4 Release : 1.fc31 URL : https://www.glpi-project.org/en/ Summary : Free IT asset management software Description : GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. --------------------------------------------------------------------------------Update Information: **GLPI version 9.4.4** This is a **security release**, upgrading is highly recommended Non exhaustive list of changes: * [security] Prevent account takeover vulnerability , * [security] Prevent execution of XSS on rich text, * fix cache key lenght issues, * fix user picture removal at login, * several fixes on recurring tickets, * fix some transfer errors related to entities among others, * and more! See [changelog](https://github.com/glpi-project/glpi/milestone/37?closed=1) for details. --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisoryFEDORA-2019-311441d430' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Oct 02, 2019
•Critical
Fedora
89
security advisorysoftware updateFedoraFedora 29 glpi Security Update: Prevent XSS Threats and Exploits
Includes security fix backported from 9.4.3 * [security] Prevent execution of XSS on rich text, * [security] Prevent xss attack on user picture,. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-169f1eec7c 2019-07-02 02:30:39.056179 --------------------------------------------------------------------------------Name : glpi Product : Fedora 29 Version : 9.3.4 Release : 2.fc29 URL : https://www.glpi-project.org/en/ Summary : Free IT asset management software Description : GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. --------------------------------------------------------------------------------Update Information: Includes security fix backported from 9.4.3 * [security] Prevent execution of XSS on rich text, * [security] Prevent xss attack on user picture, --------------------------------------------------------------------------------ChangeLog: * Fri Jun 21 2019 Remi Collet - 9.3.4-2 - [security] Prevent execution of XSS on rich text - [security] Prevent XSS attack on user picture * Thu Apr 11 2019 Remi Collet - 9.3.4-1 - update to 9.3.4 * Wed Mar 27 2019 Remi Collet - 9.3.3-2 - add security fix backported from 9.4.1: [security] Bad chevrons rendering on dropdowns [security] Iframe and forms are rendered in rich text contents [security] Type juggling authentication bypass [security] Malicious images upload [security] Password token date was not reset [security] Prevent timed attack and enforce cookie security - add dependency on exif extension * Tue Nov 27 2018 Remi Collet - 9.3.3-1 - update to9.3.3 * Tue Nov 6 2018 Remi Collet - 9.3.2-3 - add missing dependency on elvanto/litemoji * Mon Nov 5 2018 Remi Collet - 9.3.2-1 - update to 9.3.2 - version 9.3.2 conflicts with glpi-fusioninventory < 1:9.3+1.2 see https://github.com/glpi-project/glpi/issues/4837 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-169f1eec7c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jul 01, 2019
•Critical
Fedora
89
security advisorymoderatesoftware updateFedora 28: 2018-c766d7c0f0 Moderate: GLPI SQL Injection Fix
add upstream patch to fix SQL injection. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-c766d7c0f0 2018-07-13 17:31:30.787025 --------------------------------------------------------------------------------Name : glpi Product : Fedora 28 Version : 9.2.4 Release : 2.fc28 URL : https://www.glpi-project.org/en/ Summary : Free IT asset management software Description : GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. --------------------------------------------------------------------------------Update Information: add upstream patch to fix SQL injection --------------------------------------------------------------------------------ChangeLog: * Tue Jul 3 2018 Remi Collet - 9.2.4-2 - add upstream patch to fix SQL injection CVE-2018-13049 * Thu Jun 21 2018 Remi Collet - 9.2.4-1 - update to 9.2.4 * Wed Jun 20 2018 Remi Collet - 9.2.3-3 - drop dependency on initscripts #1592356 - use range dependencies on F27+ * Fri Apr 27 2018 Remi Collet - 9.2.3-1 - update to 9.2.3 - add dependency on sebastian/diff 1.4 --------------------------------------------------------------------------------References: [ 1 ] Bug #1597423 - CVE-2018-13049 glpi: SQL Injection in inc/search.class.php https://bugzilla.redhat.com/show_bug.cgi?id=1597423 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-c766d7c0f0' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jul 13, 2018
Fedora
89
security advisoryfedoraupdateFedora 28: FEDORA-2019-b8dcaabb4e Critical: GLPI XSS Vulnerability Patch
add upstream patch to fix SQL injection. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-cdccabb23d 2018-07-13 16:33:58.543344 --------------------------------------------------------------------------------Name : glpi Product : Fedora 27 Version : 9.1.7.1 Release : 3.fc27 URL : https://www.glpi-project.org/en/ Summary : Free IT asset management software Description : GLPI is the Information Resource-Manager with an additional Administration-Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. --------------------------------------------------------------------------------Update Information: add upstream patch to fix SQL injection --------------------------------------------------------------------------------ChangeLog: * Tue Jul 3 2018 Remi Collet - 9.1.7.1-3 - add upstream patch to fix SQL injection CVE-2018-13049 * Sat Mar 17 2018 Remi Collet - 9.1.7.1-2 - escape get keys to prevent possible xss CVE-2018-7563 * Wed Dec 6 2017 Remi Collet - 9.1.7.1-1 - update to 9.1.7.1 --------------------------------------------------------------------------------References: [ 1 ] Bug #1597423 - CVE-2018-13049 glpi: SQL Injection in inc/search.class.php https://bugzilla.redhat.com/show_bug.cgi?id=1597423 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-cdccabb23d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPGkey. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jul 13, 2018
•Critical
Fedora
89
security advisoryfedoraprivilege escalationFedora 21 GLPI Security Advisory: Privilege Escalation via POST Request
* Fix privilege escalation via user creation with a crafted POST request. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-4684 2015-03-26 16:44:31 -------------------------------------------------------------------------------- Name : glpi Product : Fedora 21 Version : 0.84.8 Release : 4.fc21 URL : https://www.glpi-project.org/en/ Summary : Free IT asset management software Description : GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company (computer, software, printers...). It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-system with mail-notification and methods to build a database with basic information about your network-topology. -------------------------------------------------------------------------------- Update Information: * Fix privilege escalation via user creation with a crafted POST request -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 24 2015 Remi Collet - 0.84.8-4 - add security fix * Mon Dec 22 2014 Remi Collet - 0.84.8-3 - fix SQL Injection CVE-2014-9258 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1194196 - glpi: privilege escalation via user creation with a crafted POST request https://bugzilla.redhat.com/show_bug.cgi?id=1194196 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update glpi' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 05, 2015
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!