Advisories » MGASA-2013-0288

Updated glpi package fixes security vulnerabilities

Publication date: 20 Sep 2013
Modification date: 20 Sep 2013
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-2225 , CVE-2013-2226 , CVE-2013-5696

Description

Multiple security vulnerabilities due to improper sanitation of user input
in GLPI before versions 0.83.9 (CVE-2013-2226), 0.83.91 (CVE-2013-2225),
and 0.84.2 (CVE-2013-5696).

This update provides GLPI version 0.83.91, with a patch from GLPI 0.84.2,
to fix these issues.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=10579
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2225
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2226
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5696

SRPMS

3/core

• glpi-0.83.91-1.1.mga3