You are not logged in.
Pages: 1
This release fixes several critical security issues that has been recently discovered. Update is strongly recommended!
You will find below the list of security issues fixed in this bugfixes version:
[SECURITY - High] SQL injection via inventory agent request (CVE-2023-35924).
[SECURITY - High] SQL injection through Computer Virtual Machine information (CVE-2023-36808).
[SECURITY - High] Unauthorized access to Dashboard data (CVE-2023-35939).
[SECURITY - High] Unauthenticated access to Dashboard data (CVE-2023-35940).
[SECURITY - Moderate] Reflected XSS in search pages (CVE-2023-34244).
[SECURITY - Moderate] Unauthorized access to knowledge base items (CVE-2023-34107).
[SECURITY - Moderate] Unauthorized access to user data (CVE-2023-34106).
Also, here is a short list of main changes done in this version:
[FEATURE] Improve mail grouping (#14296)
[FEATURE] Add deleted status in item's header (#14382)
[FEATURE] Add option to control the display of dropdowns labels (#14472)
[FEATURE] Permits to check DB schema from GLPI versions >= 0.80 (#14666)
[FIX] Improve performance of plugins init (#14511)
[FIX] Improve performance of kanban views (#14525, #14599, #14764)
[FIX] Ldap issues with PHP versions >= 8.1 (#14561)
[FIX] SLA waiting time duration (#14937)
[FIX] Notification encoding for MS Outlook (#14959)
A lot of fixes in native inventory
See full technical changelog for details.
We would like to thank all people who contributed to this new version and all those who contribute regularly to the GLPI project!
Besoin d'un support professionnel pour GLPI ? Pensez à GLPI Network ! https://glpi-project.org/fr/tarifs/
Connaissez-vous l'offre Cloud maintenue et supportée par l'équipe qui édite GLPI ?
Vous pouvez tester gratuitement pendant 45 jours ! https://glpi-network.cloud (ou plus si besoin)
Offline
Pages: 1