The 1.7.1 version specifically fixes SSL connections problems introduced with 1.7 version update for windows and MacOSX agents but only when you’re using windows keystore or macosx keychain to publish the ssl chain validation for your GLPI server.
You don’t need to update to 1.7.1 after updating to 1.7 if you’re not in that case.
GLPI Agent 1.7 has been released.
You're encouraged to upgrade your GLPI agents or migrate if you're still using FusionInventory agents.
Here is a summary of the most important changes of the 1.7 version:
some important fixes have been made on ToolBox plugin in relation with NetDiscovery and RemoteInventory tasks:
the defined timeout will only apply on connection tries during discovery where the agent backend-collect-timeout configuration will apply on the inventory
a possible locking issue while running the discovery has been fixed
we updated the way we define the “Agent Folder” local target in inventory tasks configuration to have a more appropriate sens when the agent is running as a service
an issue blocking the submission of JSON remote inventory was fixed
for NetDiscovery and NetInventory tasks, we also have:
an enhanced support of Toshiba printers
a fix related to the support of LLDP connection datas analysis
for ToolBox plugin, we also fixed the export button on the results page
the RemoteInventory task also includes:
a fix for the inventory of softwares from a windows remote with a windows agent
a fix for computer FQDN and domain inventory
an update to support timezone inventory
an update to support printer inventory via ssh using perl mode
a fix for an error preventing ssh inventory because of a wrong option in the “ssh” mode
the ESX task has been fixed to work as expected with the GlpiInventory plugin without living the job in a “ko” status with just “n/a” as description while the inventory is still normally integrated
the Inventory task has received few improvements:
the support of SentinelOne antivirus on linux. It was implemented by a community contributor, many thanks to him !
the assetname-support option has been updated to authorize forcing the asset name with its FQDN on linux. Also that option also changes the computing of the agent name in the same way.
a fix related to the inventory of network cards on linux
an update to find the wifi card network speed on linux
the MacOSX package has been udpated to use OpenSSL 3.2.0
the Apple AppID for the MacOSX package has been updated
the 1.6 and 1.6.1 linux perl installers had a problem generating an error during agent update and this is now fixed
to optimize the running time while using a server url with SSL support, we decided to no more try to export the ssl key store if any of the options providing SSL server certificate authentication is still used
About the MSI windows installer, it appears the used perl version is now completely outdated and requires a very big update. This essentially concerns the OpenSSL and libssh2 libraries, the last been used for remote inventory. As we use StrawberryPerl and this project decided to no more support the 32 bits perl version, we decided the 1.7 version will be the last to provide GLPI Agent in 32 bits. This perl update will be the main goal of the next 1.8 version.
This version is compatible with GLPI 10.0.⚠️ This release requires some bugfixes in GLPI to work properly. These bugfixes are included in GLPI 10.0.9 or later. Please, ensure your GLPI is up to date to prevent useless bug reports.
Bug Fixes
Adding READ right for display reservations menu tab (03e6281e)
New version GLPI 10.0.7: A new GLPI version is available.
This release fixes several security issues that have been recently discovered. Update is recommended!
You can download the GLPI 10.0.7 archive on GitHub. We still maintain maintain the 9.5 branch for security fixes and we also release a new version for it: GLPI 9.5.13 archive
You will find below the list of security issues fixed in this bugfixes version:
[SECURITY - High] SQL injection and Stored XSS via inventory agent request (CVE-2023-28849).
[SECURITY - High] Account takeover by authenticated user (CVE-2023-28632).
[SECURITY - High] SQL injection through dynamic reports (CVE-2023-28838).
[SECURITY - Moderate] Stored XSS through dashboard administration (CVE-2023-28852).
[SECURITY - Moderate] Stored XSS on external links (CVE-2023-28636).
[SECURITY - Moderate] Reflected XSS in search pages (CVE-2023-28639).
[SECURITY - Moderate] Privilege Escalation from technician to super-admin (CVE-2023-28634).
We would like to announce that official support for GLPI 9.5.x will be discontinued on 30.06.2023. Starting from the 1st of July 2023 (3 years after the first launch of this version) we will have to say goodbye - there will be no new releases 9.5.x.
It is mandatory to migrate to GLPI 10.0.x in order to be covered by official support.
How-to MIGRATE:
—OPTION 1: You can do the migration via official partners-integrators (if you have a valid GLPI Network Subscription); or
—OPTION 2: If you choose GLPI Network Cloud, we offer a free data migration from on-premise for everyone.
We ask you to communicate the upcoming changes to your customers and finish migrations before 30.06.2023.
Thank you!
This version is compatible with GLPI 10.0.
Upgrade from 2.13.0 or later
A database sanity check is done before running the upgrade. If the tables of the plugin have a difference with the expected schema the upgrade will fail with a message similar to the following:
The database schema is not consistent with the installed Formcreator 2.13.0. To see the logs enable the plugin and run the command bin/console glpi:database:check_schema_integrity -p formcreator
It is required to fix the database, using the diff produced by the CLI command given in the message. Once done, try again to upgrade.
ℹ️ If you know what you are doing you may bypass the sanity check from CLI with the following command.
In a few weeks we will launch the first beta version of GLPI 10. We are working on the last technical elements and preparing the release of compatible plugins on the Marketplace.
One of the biggest news of this version is a major overhaul of the interface and the user experience. The latest redesign since version 0.90 was done in October 2015.
The integration of these standard libraries will make it easier to develop new interfaces and above all brings a "responsive" display mode that is easier to maintain.
Here are some screenshots to give you an overview of the upcoming changes.
Beyond the change in design, we are making a number of user experience improvements, here is the list of key points:
Vertical menu
As you have noticed on the previous screenshots, GLPI now offers by default a layout with a vertical menu. It is still possible to switch to a layout similar to previous versions (named Horizontal) in user settings.
In the new layout it is possible to collapse the menu to have a compact display.
Button "Go to…"
Available since version 9.2 the "Go to" feature which allows a quick search of a menu is now highlighted and can be discovered on top of the menu.
The park equipment now has a panel on their right side where you can click on the images attached.
"Saved search" panel
The "saved search" panel now integrated into GLPI design. You can set it floating, or pinned to pages (to be kept permanently (even after browsing)).
Pinning is done page by page, e.g. a panel pinned to "tickets" will not be pinned to computers.
Note that now you can find it in the first tab, the saved searches corresponding to the type of object: list of tickets will be displayed according to priority of saved searches.
Second tab lists all other searches concerning other types of objects.
As the panel is now contextual to the type of object presented, you can access it via an icon named "Lists" placed next to the breadcrumb trail.
Invisible search engine
It is now possible to deactivate the display of the search engine.
You can navigate in GLPI only using saved searches!
Dynamic loading of search results
The search engine display is now launched in "AJAX" mode. A loading icon is displayed when a search is launched, page changes or sorting is in process. Once new results are available, only the content is replaced and not the entire page.
Multi-sorting of results
With a "ctrl" you can add several sorting modes to the columns of your search results.
Example: sort by "Name" and by "Modification date".
Page of park elements.
The main element form now displays a panel on the right displaying the images associated with the corresponding model. These images could be previously accessed only in the display part of data center racks, now they are available everywhere.
Redesign of ITIL objects
Display and use of ITIL objects (Tickets, Problems and Changes) are thoroughly reviewed.
Many changes were made:
The order of messages in the "timeline" now goes from the oldest to the most recent, starting from top to bottom, following a usual reading order. New answer now placed below the last one.
A side panel contains the additional information of tickets (dates, priority matrix, actors, etc.). This panel can be temporarily enlarged. We also group by these changes the main tabs and "timeline" within the same view.
Documents added to the timeline are now displayed below the parent object (tracker, task) in a contextual way for easier reading.
Each of the types of actors (requesters, observer and assigned) are now displayed in a single field. Previously, several clicks were required to select a group or a user and then choose the final actor. It is now a single drop-down list unifying all possible objects (differentiating them with an icon) and providing autocompletion.
A button at the bottom of the main view allows you to switch to a "TODO list" view displaying the tasks and validation requests in an interactive vertical list, allowing you to follow the progress of a ticket (or another ITIL object)
New colors
With the arrival of new libraries tabler and Bootstrap 5, it is now much easier to create and modify GLPI palletes.
Pour offrir les meilleures expériences, nous utilisons des technologies telles que les cookies pour stocker et/ou accéder aux informations des appareils. Le fait de consentir à ces technologies nous permettra de traiter des données telles que le comportement de navigation ou les ID uniques sur ce site. Le fait de ne pas consentir ou de retirer son consentement peut avoir un effet négatif sur certaines caractéristiques et fonctions.
Fonctionnel
Always active
L’accès ou le stockage technique est strictement nécessaire dans la finalité d’intérêt légitime de permettre l’utilisation d’un service spécifique explicitement demandé par l’abonné ou l’utilisateur, ou dans le seul but d’effectuer la transmission d’une communication sur un réseau de communications électroniques.
Préférences
L’accès ou le stockage technique est nécessaire dans la finalité d’intérêt légitime de stocker des préférences qui ne sont pas demandées par l’abonné ou l’internaute.
Statistiques
Le stockage ou l’accès technique qui est utilisé exclusivement à des fins statistiques.Le stockage ou l’accès technique qui est utilisé exclusivement dans des finalités statistiques anonymes. En l’absence d’une assignation à comparaître, d’une conformité volontaire de la part de votre fournisseur d’accès à internet ou d’enregistrements supplémentaires provenant d’une tierce partie, les informations stockées ou extraites à cette seule fin ne peuvent généralement pas être utilisées pour vous identifier.
Marketing
L’accès ou le stockage technique est nécessaire pour créer des profils d’internautes afin d’envoyer des publicités, ou pour suivre l’utilisateur sur un site web ou sur plusieurs sites web ayant des finalités marketing similaires.
