Releases: GSIT-ITSM-ITAM/gsit
GSIT-9.5.12
What's Changed
- Fix PHP error when LDAP user have "\ " in the name by @ddurieux in #24
- Fix code to disable missing users in LDAP when synchronize with option 'only-update-existing' by @ddurieux in #25
- Fix notifications for certificates by @ddurieux in #28
- Add LDAP filter for the filter and dn to prevent security problem by @ddurieux in #29
- Fix import rule (fatal error) when the criteria or action is a dropdown and the id has been deleted by @ddurieux in #31
- Fix status changes on create ticket when have only append assigned (user|group|supplier) in rules. by @ddurieux in #32
- Fix security problemes XSS and fix couple bugs by @ddurieux in #34
Full Changelog: GSIT-9.5.11...GSIT-9.5.12
You only have to uncompress the archive other the old version folder, no database changes required (it's a bugfix / security fixes version).
Contributors
Assets 3
Version 9.5.11
- remove tinymce context menu to keep browser context menu
- not check config folder writeable or not when use console (cli) for other things than install / update. the config folder MUST NOT BE WRITEABLE BY THE WEBSERVER! It's a security problem if writeable.
- fix tinymce loaded in different places of GSIT
No database upgrade needed
SHA256 (gsit-9.5.11.tgz) = 673850947d5cd31bc5f5a2667fce5c97b1c156d723be63632c5f7a3934843854
Version 9.5.10
- Multiple security patches.
- security enhancement in cleaning string and text
No database upgrade needed
Version 9.5.9
- fix search when have multiple associated items (in tickets for example)
- Do not expose CFG_GLPI on anonymous page
- Fix security problems with methods called in plugin form
- Mitigate SSRF exploits
- Ensure token based authentication only accept strings and the string is in the right format to prevent SQL injections
Version 9.5.8
- fix check of connection on central page (homepage)
- fix problems with image base64 in the ticket
- optimization of query in config
- fix error on change validation
- fix 3 CVE (security problems) - 1 is very critical
9.5.7 bug fix version
This is the bug fixes version of GSIT
Release glpisc 9.5.6
Changelog available on official repository: https://github.com/glpi-project/glpi/releases/tag/9.5.6
The DCS patches about security, clean glpi-network, clean marketplace and clean dashboards are in this version.
Release glpisc 9.5.5
Changelog available on official repository: https://github.com/glpi-project/glpi/releases/tag/9.5.5
The DCS patches about security, clean glpi-network, clean marketplace and clean dashboards are in this version.
Release glpisc 9.5.4
Changelog available on official repository: https://github.com/glpi-project/glpi/releases/tag/9.5.4
The DCS patches about security, clean glpi-network and clean marketplace are in this version.