Nov. 4, 2022 Pavel Zilke 9.5.10-alt1
- New version 9.5.10
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2022-39276 : Blind SSRF in RSS feeds and planning
+ CVE-2022-39372 : Stored XSS in user information
+ CVE-2022-39376 : Improper input validation on emails links
+ CVE-2022-39370 : Improper access to debug panel
+ CVE-2022-39234 : User's session persist after permanently deleting his account
+ CVE-2022-39262 : Stored XSS on login page
+ CVE-2022-39277 : XSS in external links
+ CVE-2022-39375 : XSS through public RSS feed
+ CVE-2022-39323 : SQL Injection on REST API
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ALT Linux | 10 | src | glpi-9.5.12-alt1.src.rpm | < 9.5.10-alt1 | glpi-9.5.12-alt1.src.rpm |
ALT Linux | 10 | noarch | glpi-9.5.12-alt1.noarch.rpm | < 9.5.10-alt1 | glpi-9.5.12-alt1.noarch.rpm |
ALT Linux | 10 | noarch | glpi-apache2-9.5.12-alt1.noarch.rpm | < 9.5.10-alt1 | glpi-apache2-9.5.12-alt1.noarch.rpm |
ALT Linux | 10 | noarch | glpi-php7-9.5.12-alt1.noarch.rpm | < 9.5.10-alt1 | glpi-php7-9.5.12-alt1.noarch.rpm |