Bug 58340

Summary: Обновить патчи безопансости 10.0.24
Product: Branch p11 Reporter: A1exaAK <a1exak2377>
Component: glpiAssignee: zidex <zidex>
Status: CLOSED FIXED QA Contact: qa-p11 <qa-p11>
Severity: normal    
Priority: P5 CC: amakeenk
Version: unspecified   
Hardware: x86   
OS: Linux   

Description A1exaAK 2026-03-24 11:27:27 MSK 
This is a security release, upgrading is recommended

This release fixes a few security issues that have been recently discovered. Update is recommended!

You will find below the list of security issues fixed in this bugfixes version:

[SECURITY - High] Stored XSS in Supplier CVE-2026-25932)
[SECURITY - High] Authenticated SQL Injection (CVE-2026-29047)
Many bug fixes have also been made, read the full changelog is available for more details. (https://github.com/glpi-project/glpi/milestone/85?closed=1)

We would like to thank all people who contributed to this new version and all those who contributes regularly to the GLPI project!

Regards.
Comment 1 zidex@altlinux.org 2026-03-26 10:35:23 MSK 
Задание #412608
Comment 2 Repository Robot 2026-03-27 23:33:56 MSK 
glpi-10.0.24-alt1 -> p11:

Wed Mar 25 2026 Pavel Zilke <zidex@altlinux> 10.0.24-alt1
- New version 10.0.24 (ALT #58340)
- Security fixes:
- This release fixes a security issue that has been recently discovered. Update is recommended!
 + CVE-2026-25932 : Stored XSS in Supplier
 + CVE-2026-29047 : Authenticated SQL Injection