Package: glpi Version: 0.71.2-2 Severity: grave Tags: security Justification: user security hole
Hi! glpi versions prior to 0.71.4 are affected by a SQL injection vulnerability. See the upstream announce [1] and SecurityFocus [2]. [1] http://www.glpi-project.org/spip.php?page=annonce&id_breve=161&lang=en [2] http://www.securityfocus.com/bid/33477 Thank you very much! Best regards, Nelson -- System Information: Debian Release: 5.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.28.2-naoliv1 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
