Updated glpi packages fix security vulnerability

🗓️ 24 Feb 2018 23:25:24Reported by Gentoo FoundationType

mageia

mageia🔗 advisories.mageia.org👁 32 Views

Updated glpi packages fix security vulnerabilit

Reporter	Title	Published	Views	Family All 55
CNVD	GLPI front/backup.php file arbitrary file deletion vulnerability	1 Aug 201700:00	–	cnvd
CNVD	GLPI front/devicesoundcard.php file SQL injection vulnerability	1 Aug 201700:00	–	cnvd
CNVD	GLPI '$crit' Variable SQL Injection Vulnerability	21 Jul 201700:00	–	cnvd
CNVD	GLPI 'condition rule' SQL Injection Vulnerability	21 Jul 201700:00	–	cnvd
CNVD	GLPI 'entity_restrict' parameter SQL injection vulnerability	26 Jul 201700:00	–	cnvd
CVE	CVE-2017-11183	28 Jul 201705:00	–	cve
CVE	CVE-2017-11184	28 Jul 201705:00	–	cve
CVE	CVE-2017-11329	14 Jul 201716:00	–	cve
CVE	CVE-2017-11474	20 Jul 201704:00	–	cve
CVE	CVE-2017-11475	20 Jul 201704:00	–	cve

OS	OS Version	Architecture	Package	Package Version	Filename
Mageia	6	any	glpi	9.1.6-2	glpi-9.1.6-2.noarch.rpm
Mageia	6	any	php-zetacomponents-base	1.9-1.1	php-zetacomponents-base-1.9-1.1.noarch.rpm

Source	Link
bugs	www.bugs.mageia.org/show_bug.cgi
glpi-project	www.glpi-project.org/spip.php
glpi-project	www.glpi-project.org/spip.php
glpi-project	www.glpi-project.org/spip.php
glpi-project	www.glpi-project.org/spip.php
glpi-project	www.glpi-project.org/spip.php

24 Feb 2018 23:25Current

3.6Low risk

Vulners AI Score3.6

CVSS 39.8

CVSS 27.5

EPSS0.00414

glpi packages security vulnerability version 9.1.6 php-zetacomponents-base bugs upstream release announcements working unix