GLPI v9.4.1.1 Release Notes
Release Date: 2019-03-15 // about 5 years ago-
π This is a security release, upgrading is hightly recommended
Non exhaustive list of changes:
- π [security] Bad chevrons rendering on dropdowns (#5468)
- π [security] Iframe and forms are rendered in rich text contents (#5519)
- π [security] Type juggling authentication bypass (#5520)
- π [security] Malicious images upload (#5580)
- π [security] Password token date was not reset (#5577)
- π [security] Prevent timed attack and enforce cookie security (#5562)
- Search on dropdowns now displays fuzzy matches (#5149)
- π» All components were deleted when permanently deleting a computer (#5459)
- Unable to display network ports (#5460, #5461)
- Preferences not applied (#5372)
- Unable to use βforgotten passwordβ feature (#5386)
- And many more!
π You may notice displayed and archive versions are 9.4.1.1; this is because we've decided to integrate two more fixes we found after release has been prepared!
π See changelog and minor changelog for details.