Here is a summary of the most important changes of the 1.7 version:
some important fixes have been made on ToolBox plugin in relation with NetDiscovery and RemoteInventory tasks:
the defined timeout will only apply on connection tries during discovery where the agent backend-collect-timeout configuration will apply on the inventory
a possible locking issue while running the discovery has been fixed
we updated the way we define the “Agent Folder” local target in inventory tasks configuration to have a more appropriate sens when the agent is running as a service
an issue blocking the submission of JSON remote inventory was fixed
for NetDiscovery and NetInventory tasks, we also have:
an enhanced support of Toshiba printers
a fix related to the support of LLDP connection datas analysis
for ToolBox plugin, we also fixed the export button on the results page
the RemoteInventory task also includes:
a fix for the inventory of softwares from a windows remote with a windows agent
a fix for computer FQDN and domain inventory
an update to support timezone inventory
an update to support printer inventory via ssh using perl mode
a fix for an error preventing ssh inventory because of a wrong option in the “ssh” mode
the ESX task has been fixed to work as expected with the GlpiInventory plugin without living the job in a “ko” status with just “n/a” as description while the inventory is still normally integrated
the Inventory task has received few improvements:
the support of SentinelOne antivirus on linux. It was implemented by a community contributor, many thanks to him !
the assetname-support option has been updated to authorize forcing the asset name with its FQDN on linux. Also that option also changes the computing of the agent name in the same way.
a fix related to the inventory of network cards on linux
an update to find the wifi card network speed on linux
the MacOSX package has been udpated to use OpenSSL 3.2.0
the Apple AppID for the MacOSX package has been updated
the 1.6 and 1.6.1 linux perl installers had a problem generating an error during agent update and this is now fixed
to optimize the running time while using a server url with SSL support, we decided to no more try to export the ssl key store if any of the options providing SSL server certificate authentication is still used
About the MSI windows installer, it appears the used perl version is now completely outdated and requires a very big update. This essentially concerns the OpenSSL and libssh2 libraries, the last been used for remote inventory. As we use StrawberryPerl and this project decided to no more support the 32 bits perl version, we decided the 1.7 version will be the last to provide GLPI Agent in 32 bits. This perl update will be the main goal of the next 1.8 version.
A new GLPI version is available.
This release fixes a few security issues that have been recently discovered. Update is recommended!
[SECURITY - high] SQL injection through inventory agent request (CVE-2023-46727)
[SECURITY - high] Remote code execution from LDAP server configuration form on PHP 7.4 (CVE-2023-46726)
On this last point, we wanted to recall the 7.4 version of PHP is very outdated and not supported anymore by the developers! You should upgrade on a recent version, at least 8.2 (8.0 will be outdated at the end of the year and 8.1 will be only with security fixes).
Also, here is a short list of main changes done in this version:
[UX] Enhance pending reasons display
[FIX] various LDAP fixes (timeout, location import, deletion/restoration scenarios)
[FIX] several inventory fixes (unmanaged assets reconciliation, rules for phones, rules logs for discovery, Cisco stacks, removal of remote management)
[FIX] several performance enhancements (defer entity tree loading, strong enhancement on actors loading, all assets query execution time, web cron removal, dual ajax call for tab loading)
[TASK] highlights of security requirements on install/update page. Some options like PHP versions, web folder setup are suggested with a strong visual.
However, on a factory reset or when reinstalling the inventory agent, this UUID changes. And when an inventory is uploaded, GLPI will create a new device (because the serial number is different). It is now possible to define a serial number (with the one already stored in GLPI) to avoids duplication in the GLPI inventory.
The Agent Config plugin has also been updated, to feature a new QRCode / Deeplink on the device file containing the serial number.
Android compatibility
From Android 4 (Jelly Bean) to Android 13 (Sdk 33)
The 1.6.1 version specifically fixes SSL connections problems introduced with 1.6 version update for windows and MacOSX agents.
Here is a summary of the most important changes of the 1.6 version:
The NetDiscovery and NetInventory tasks has been heavily reworked:
the Parallel: ForlManager library is used as more stable on some environments,
the NetDiscovery task now supports the discovery of remote computers and can run ESX and RemoteInventory tasks. This feature is currently only used by the ToolBox plugin.
network device support has been enhanced again for different manufacturers like Cisco, Zebra, Aruba, Checkpoint, Citrix and Synology.
The ToolBox plugin now offers a full tasks management support and permits to configure the discovery of remote computers using ESX and RemoteInventory tasks. In ToolBox, the NetDiscovery task including automatic inventory tasks run is named “netscan”:
the inventory management page is now a list of local and remote inventory tasks,
the credentials management page permits to create credentials for ESX, WinRM and SSH,
a scheduling management page permits to define how to planify tasks runs,
the “remotes” page becomes obsolete and will be removed in next version,
a new option is available to add a navigation link toward the agent index page
The RemoteInventory task includes a fix on SSH connections and supports the connection timeouts configured by ToolBox plugin,
The ESX task has been enhanced to support the “netscan” task started from ToolBox plugin,
The Proxy plugin has been fixed to support compressed requests and store JSON inventories with a better file name when local storage option is enabled,
The Inventory task has also received many enhancements and fixes including:
the antivirus inventory support on MacOSX (Defender) and Linux (Defender and BitDefender),
the support for latest RustDesk versions for remote management discovery,
an enhanced support for LXC and LXD containers based virtualization on linux.
The MacOSX package has been udpated to use OpenSSL 3.1.4 and zlib 1.3,
The linux perl installer includes fixes and supports installation on many new systems,
The MSI windows installer includes few updates:
the GLPI-AgentMonitor community tool has been updated to 1.2.3 version and now supports spanish and russian languages,
a new installer option permits to just reconfigure the installed agent,
the deletion of log, var and etc folders has been fixed during uninstallation,
the VBS script has been fixed to check installation and especially avoid an installation failure is the MSI service is still in use.
This version is compatible with GLPI 10.0.10 or later.
⚠️ The plugin allows you to use GLPI 10.0.6 or older, but there are known incompatibilities, including fatal errors (due to some bugfixes / improvements). If you use an out-of-date maintenance release, update it first!
Bug Fixes
restoring ticket may create inconsistency in DB (3cf3e4ebd)
abstractitiltarget: ITIL category from template shall not take precedence (8f8d9a7c4)
category: translation feature of dropdowns not handled (6287f1b34)
A new GLPI version is available.This release fixes a critical security issue that have been recently discovered. Update is strongly recommended!You can download the GLPI 10.0.10 archive on GitHub.You will find below the list of security issues fixed in this bugfixes version:
[FIX] Fix some issues on SLA/OLA escalation levels computation.
[FIX] Fix some issues on search on numeric and dates fields.
The full changelog is available for more details.Download GLPI 10.0.10We would like to thank all people who contributed to this new version and all those who contributes regularly to the GLPI project!Regards.
This version is compatible with GLPI 10.0.⚠️ This release requires some bugfixes in GLPI to work properly. These bugfixes are included in GLPI 10.0.9 or later. Please, ensure your GLPI is up to date to prevent useless bug reports.
Bug Fixes
Adding READ right for display reservations menu tab (03e6281e)
Following the last releases of 10.0.8, a few annoying issues has been detected:
Update script uses a SQL function incompatible with MySQL 5.7 (#15141)
Private follow-ups and tasks are invisible to users with appropriate rights (#15128)
In the same time, a moderate security advisory has been reported (SQL injection in dashboard administration - CVE-2023-37278) and fixed in this release.
We released a new version to address these bugs, you can download the GLPI 10.0.9 archive on GitHub.
A new GLPI version is available.
This release fixes several security issues that have been recently discovered. Update is recommended!
This release includes a security fix related to CVE-2023-34254. You’ll only be concerned by this security alert if you’re using the remoteinventory task in the case of unix/linux remote inventory via ssh.
Here is a summary of the most important changes:
libxml2 library is now required for all the features using XML,
Windows keystore support has been extended to support more stores to ease GLPI SSL certificate validation,
inventory task has a lot of enhancements. In particular, some WMI timeouts has been fixed on windows and a new assetname-support option permits to choose to set asset name from short hostname or fqdn on unix/linux,
remoteinventory task includes several important fixes and has been enhanced to support remote inventory multi-threading thanks to the new remote-workers option,
netdiscovery and netinventory tasks also had their bunch of fixes and many new devices are now supported,
deploy, collect and ESX tasks also had few fixes and enhancements,
the embedded HTTPD interface can now use a basic authentication plugin to secure even more access, like for the ToolBox interface,
MacOSX packages have been updated to use OpenSSL 3.1.1 and zlib 1.2.13,
the 3.5 version of dmidecode has been included in windows and MacOSX packages,
the linux perl installer includes several fixes and now supports Oracle Linux 7 installation,
MSI packaging now permits to install GLPI-AgentMonitor community tool which provides interesting features for users via a systray icon, check the following project for more details: https://github.com/glpi-project/glpi-agentmonitor
Speaking about the MSI packaging, we decided to not sign the packages and provided binaries as code-signing SSL certificate providers are failing to provide us the required certificate in a reasonable time. So you may experience some security alerts until the MSI packages reputation has been nicely established.
Pour offrir les meilleures expériences, nous utilisons des technologies telles que les cookies pour stocker et/ou accéder aux informations des appareils. Le fait de consentir à ces technologies nous permettra de traiter des données telles que le comportement de navigation ou les ID uniques sur ce site. Le fait de ne pas consentir ou de retirer son consentement peut avoir un effet négatif sur certaines caractéristiques et fonctions.
Fonctionnel
Always active
L’accès ou le stockage technique est strictement nécessaire dans la finalité d’intérêt légitime de permettre l’utilisation d’un service spécifique explicitement demandé par l’abonné ou l’utilisateur, ou dans le seul but d’effectuer la transmission d’une communication sur un réseau de communications électroniques.
Préférences
L’accès ou le stockage technique est nécessaire dans la finalité d’intérêt légitime de stocker des préférences qui ne sont pas demandées par l’abonné ou l’internaute.
Statistiques
Le stockage ou l’accès technique qui est utilisé exclusivement à des fins statistiques.Le stockage ou l’accès technique qui est utilisé exclusivement dans des finalités statistiques anonymes. En l’absence d’une assignation à comparaître, d’une conformité volontaire de la part de votre fournisseur d’accès à internet ou d’enregistrements supplémentaires provenant d’une tierce partie, les informations stockées ou extraites à cette seule fin ne peuvent généralement pas être utilisées pour vous identifier.
Marketing
L’accès ou le stockage technique est nécessaire pour créer des profils d’internautes afin d’envoyer des publicités, ou pour suivre l’utilisateur sur un site web ou sur plusieurs sites web ayant des finalités marketing similaires.
