Updated glpi packages fix security vulnerability
Publication date: 24 Feb 2018Modification date: 24 Feb 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-11183 , CVE-2017-11184 , CVE-2017-11329 , CVE-2017-11474 , CVE-2017-11475
Description
The glpi package has been updated to version 9.1.6, which fixes several
security issues and other bugs. See the upstream release announcements
for details.
An issue in the php-zetacomponents-base package which prevented GLPI from
working has also been fixed.
References
- https://bugs.mageia.org/show_bug.cgi?id=21331
- http://glpi-project.org/spip.php?page=annonce&id_breve=370&lang=en
- http://glpi-project.org/spip.php?page=annonce&id_breve=373&lang=en
- http://glpi-project.org/spip.php?page=annonce&id_breve=376&lang=en
- http://glpi-project.org/spip.php?page=annonce&id_breve=378&lang=en
- http://glpi-project.org/spip.php?page=annonce&id_breve=379&lang=en
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11183
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11184
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11329
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11474
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11475
SRPMS
6/core
- glpi-9.1.6-2.mga6
- php-zetacomponents-base-1.9-1.1.mga6