#58340 – Обновить патчи безопансости 10.0.24

Bug 58340 - Обновить патчи безопансости 10.0.24

Summary: Обновить патчи безопансости 10.0.24

Status:	CLOSED FIXED

Alias:	None

Product:	Branch p11
Classification:	Unclassified
Component:	glpi (show other bugs)
Version:	unspecified
Hardware:	x86 Linux

Importance:	P5 normal
Assignee:	zidex@altlinux.org
QA Contact:	qa-p11@altlinux.org

URL:
Keywords:

Depends on:
Blocks:

Reported:	2026-03-24 11:27 MSK by A1exaAK
Modified:	2026-03-27 23:33 MSK (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description A1exaAK 2026-03-24 11:27:27 MSK

This is a security release, upgrading is recommended

This release fixes a few security issues that have been recently discovered. Update is recommended!

You will find below the list of security issues fixed in this bugfixes version:

[SECURITY - High] Stored XSS in Supplier CVE-2026-25932)
[SECURITY - High] Authenticated SQL Injection (CVE-2026-29047)
Many bug fixes have also been made, read the full changelog is available for more details. (https://github.com/glpi-project/glpi/milestone/85?closed=1)

We would like to thank all people who contributed to this new version and all those who contributes regularly to the GLPI project!

Regards.

Comment 1 zidex@altlinux.org 2026-03-26 10:35:23 MSK

Задание #412608

Comment 2 Repository Robot 2026-03-27 23:33:56 MSK

glpi-10.0.24-alt1 -> p11:

Wed Mar 25 2026 Pavel Zilke <zidex@altlinux> 10.0.24-alt1
- New version 10.0.24 (ALT #58340)
- Security fixes:
- This release fixes a security issue that has been recently discovered. Update is recommended!
 + CVE-2026-25932 : Stored XSS in Supplier
 + CVE-2026-29047 : Authenticated SQL Injection