mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-27 05:10:36 +00:00
Code Issues Releases Activity
37e77df7e5
freebsd-ports/www/glpi
History
Mathias Monnerville 35c59aa6e4 www/glpi: update to 10.0.15 (CVE-2024-31456, CVE-2024-29889) 
Mostly a security release (2 high severity security fixes).

ChangeLog:
https://github.com/glpi-project/glpi/releases/tag/10.0.15

This release fixes a few security issues that have been recently discovered.
Update is recommended!
You will find below the list of security issues fixed in this bugfixes version:
* [SECURITY - high] Authenticated SQL injection from map search (CVE-2024-31456)
* [SECURITY - high] Account takeover via SQL Injection in saved searches feature
(CVE-2024-29889)

Also, here is a short list of main changes done in this version:
* [FIX] Fix used right by reservation form.
* [FIX] Do not rely on input to apply rules rights.
* [FIX] Always store updated SMTP Oauth refresh token.
* [TASK] Upgrade tinymce.

PR:		278641
MFH:		2024Q2
2024-04-29 13:16:57 +03:00
..
files
distinfo www/glpi: update to 10.0.15 (CVE-2024-31456, CVE-2024-29889) 2024-04-29 13:16:57 +03:00
Makefile www/glpi: update to 10.0.15 (CVE-2024-31456, CVE-2024-29889) 2024-04-29 13:16:57 +03:00
pkg-descr
pkg-plist www/glpi: update to 10.0.15 (CVE-2024-31456, CVE-2024-29889) 2024-04-29 13:16:57 +03:00