Β« Changelog History


GLPI v9.4.1.1 Release Notes

Release Date: 2019-03-15 // about 5 years ago

  • πŸš€ This is a security release, upgrading is hightly recommended

    πŸš€ Download it

    Non exhaustive list of changes:

    • πŸ”’ [security] Bad chevrons rendering on dropdowns (#5468)
    • πŸ”’ [security] Iframe and forms are rendered in rich text contents (#5519)
    • πŸ”’ [security] Type juggling authentication bypass (#5520)
    • πŸ”’ [security] Malicious images upload (#5580)
    • πŸ”’ [security] Password token date was not reset (#5577)
    • πŸ”’ [security] Prevent timed attack and enforce cookie security (#5562)
    • Search on dropdowns now displays fuzzy matches (#5149)
    • πŸ’» All components were deleted when permanently deleting a computer (#5459)
    • Unable to display network ports (#5460, #5461)
    • Preferences not applied (#5372)
    • Unable to use β€œforgotten password” feature (#5386)
    • And many more!

    πŸš€ You may notice displayed and archive versions are 9.4.1.1; this is because we've decided to integrate two more fixes we found after release has been prepared!

    πŸ‘€ See changelog and minor changelog for details.