Security fix for the ALT Linux 10 package glpi version 9.5.2-alt1

Oct. 26, 2020 Pavel Zilke 9.5.2-alt1 - New version 9.5.2 - Security fixes: + CVE-2020-15176 : SQL injection with a query parameter of user form + CVE-2020-15175 : Removal of .htaccess file in the files folder via a plugin endpoint + CVE-2020-15217 : Leakage issue with knowledge base +...

Security fix for the ALT Linux 9 package glpi version 9.5.2-alt1

Oct. 26, 2020 Pavel Zilke 9.5.2-alt1 - New version 9.5.2 - Security fixes: + CVE-2020-15176 : SQL injection with a query parameter of user form + CVE-2020-15175 : Removal of .htaccess file in the files folder via a plugin endpoint + CVE-2020-15217 : Leakage issue with knowledge base +...

glpi -- leakage issue with knowledge base

MITRE Corporation reports: In GLPI before version 9.5.2, there is a leakage of user information through the public FAQ. The issue was introduced in version 9.5.0 and patched in 9.5.2. As a workaround, disable public access to the FAQ...