[SECURITY] Fedora 11 Update: glpi-0.72.4-2.svn11035.fc11

updates at fedoraproject.org updates at fedoraproject.org
Tue Mar 23 23:40:22 UTC 2010


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-5188
2010-03-23 23:09:19.395714
--------------------------------------------------------------------------------

Name        : glpi
Product     : Fedora 11
Version     : 0.72.4
Release     : 2.svn11035.fc11
URL         : http://www.glpi-project.org/
Summary     : Free IT asset management software
Description :
GLPI is the Information Resource-Manager with an additional Administration-
Interface. You can use it to build up a database with an inventory for your
company (computer, software, printers...). It has enhanced functions to make
the daily life for the administrators easier, like a job-tracking-system with
mail-notification and methods to build a database with basic information
about your network-topology.

--------------------------------------------------------------------------------
Update Information:

This version correct several bugs.    Full upstream changelog :    * Bug #1893:
Unable to access to the model of phones dictionnary  * Bug #1904: Vlan not add
using Template  * Bug #1906: Message-ID should not use $SERVER['HTTPHOST']  *
Bug #1918: configured listlimitmax not honnoured  * Bug #1941: Disconnecting a
port doesn't free the network point.  * Bug #1942: onglet Tous d'un objet  * Bug
#1946: Business rules bug on test processing  * Bug #1963: expired license for
deleted software  * Bug #1969: bandwith / speed confusion  * Bug #1971: Report
by year for software  * Bug #2017: Wrong ID for Export ICAL / Webcal  * Bug
#2030: Search engine problem : user in lists  * Bug #2034: Interface helpdesk -
ticket details - navigation problem  * Bug #2035: Search on warranty date  * Bug
#2036: Report infocom display improvment  * Bug #2039: OCS manual import do not
use link processing  * Bug #2042: Security Problem - root_doc computation  * Bug
#2043: Security : clean $SERVER['PHPSELF'] REQUEST_URI...  * Bug #2056: LDAP
Group retrieval for external auth  * XSS vulnerability in embedded phpCAS
--------------------------------------------------------------------------------
ChangeLog:

* Mon Mar 22 2010 Remi Collet <Fedora at FamilleCollet.com> - 0.72.4-2.svn11035
- update embedded phpCAS to 1.1.0RC7 (security fix - #575906)
* Tue Mar  2 2010 Remi Collet <Fedora at FamilleCollet.com> - 0.72.4-1
- update to 0.72.4
* Tue Oct 27 2009 Remi Collet <Fedora at FamilleCollet.com> - 0.72.3-1
- update to 0.72.3
* Wed Sep  9 2009 Remi Collet <Fedora at FamilleCollet.com> - 0.72.2.1-1
- update to 0.72.21
* Tue Aug 18 2009 Remi Collet <Fedora at FamilleCollet.com> - 0.72.1-1.svn8743
- update to 0.72.1 svn revision 8743
- use system PHPMailer
- now requires php > 5
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.71.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Tue Jun  2 2009 Remi Collet <Fedora at FamilleCollet.com> - 0.71.6-1
- update to 0.71.6 (Bugfix Release)
* Fri May 22 2009 Remi Collet <Fedora at FamilleCollet.com> - 0.71.5-4
- post 0.71.5 patches (7910=>8321)
* Sun Apr 26 2009 Remi Collet <Fedora at FamilleCollet.com> - 0.71.5-3
- post 0.71.5 patches (7910=>8236)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #575904 - moodle, glpi: XSS vulnerability in embedded phpCAS
        https://bugzilla.redhat.com/show_bug.cgi?id=575904
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update glpi' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list