Skip to content

GLPI 10.0.15

Choose a tag to compare

View all tags
@github-actions github-actions released this 10 Sep 15:24
· 16 commits to master since this release
10.0.15
675bc55

This is a security release, upgrading is recommended

Download it

This release fixes a few security issues that have been recently discovered. Update is recommended!

You can download the GLPI 10.0.15 archive on GitHub.

You will find below the list of security issues fixed in this bugfixes version:

  • [SECURITY - high] Authenticated SQL injection from map search (CVE-2024-31456)
  • [SECURITY - high] Account takeover via SQL Injection in saved searches feature (CVE-2024-29889)

Also, here is a short list of main changes done in this version:

  • [FIX] Fix used right by reservation form.
  • [FIX] Do not rely on input to apply rules rights.
  • [FIX] Always store updated SMTP Oauth refresh token.
  • [TASK] Upgrade tinymce.

The full changelog is available for more details.

We would like to thank all people who contributed to this new version and all those who contributes regularly to the GLPI project!

Regards.

Assets 2
Loading