You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa glpi

Sigurnosni nedostatak programskog paketa glpi

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2019-07-02 02:30:39.056179

Name : glpi
Product : Fedora 29
Version : 9.3.4
Release : 2.fc29
Summary : Free IT asset management software
Description :
GLPI is the Information Resource-Manager with an additional Administration-
Interface. You can use it to build up a database with an inventory for your
company (computer, software, printers…). It has enhanced functions to make
the daily life for the administrators easier, like a job-tracking-system with
mail-notification and methods to build a database with basic information
about your network-topology.

Update Information:

Includes security fix backported from 9.4.3 * [security] Prevent execution of
XSS on rich text, * [security] Prevent xss attack on user picture,

* Fri Jun 21 2019 Remi Collet <> – 9.3.4-2
– [security] Prevent execution of XSS on rich text
– [security] Prevent XSS attack on user picture
* Thu Apr 11 2019 Remi Collet <> – 9.3.4-1
– update to 9.3.4
* Wed Mar 27 2019 Remi Collet <> – 9.3.3-2
– add security fix backported from 9.4.1:
[security] Bad chevrons rendering on dropdowns
[security] Iframe and forms are rendered in rich text contents
[security] Type juggling authentication bypass
[security] Malicious images upload
[security] Password token date was not reset
[security] Prevent timed attack and enforce cookie security
– add dependency on exif extension
* Tue Nov 27 2018 Remi Collet <> – 9.3.3-1
– update to 9.3.3
* Tue Nov 6 2018 Remi Collet <> – 9.3.2-3
– add missing dependency on elvanto/litemoji
* Mon Nov 5 2018 Remi Collet <> – 9.3.2-1
– update to 9.3.2
– version 9.3.2 conflicts with glpi-fusioninventory < 1:9.3+1.2

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-169f1eec7c’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorToni Vugdelija
Cert idNCERT-REF-2019-07-0001-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa openssl

Otkriven je sigurnosni nedostatak u programskom paketu openssl za operacijski sustav Debian. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje osjetljivih informacija....