{"id":409895,"date":"2020-10-07T10:08:42","date_gmt":"2020-10-07T09:08:42","guid":{"rendered":"https:\/\/glpi-project.org\/?p=409895"},"modified":"2025-06-16T13:23:15","modified_gmt":"2025-06-16T12:23:15","slug":"glpi-9-5-2","status":"publish","type":"post","link":"https:\/\/www.glpi-project.org\/fr\/glpi-9-5-2\/","title":{"rendered":"GLPI 9.5.2"},"content":{"rendered":"<p>After several weeks, Teclib\u2019 is happy to announce the release of GLPI 9.5.2.<\/p>\n<p>\u00a0<\/p>\n<blockquote>\n<p><strong>This release fixes several security issues that has been recently discovered. Update is strongly recommended!<\/strong><\/p>\n<p>\u00a0<\/p>\n<\/blockquote>\n<p>You can download the\u00a0<strong><a href=\"https:\/\/github.com\/glpi-project\/glpi\/releases\/download\/9.5.2\/glpi-9.5.2.tgz\" target=\"_blank\" rel=\"noreferrer noopener\">GLPI 9.5.2 archive<\/a><\/strong>\u00a0on GitHub.<\/p>\n<p>Here is the list of security flaws detected and fixed in this version:<\/p>\n<ul>\n<li class=\"\">[security] SQL injection with a query parameter of user form (CVE-2020-15176)<\/li>\n<li class=\"\">[security] Removal of\u00a0<code>.htaccess<\/code>\u00a0file in the\u00a0<code>files<\/code>\u00a0folder via a plugin endpoint (CVE-2020-15175)<\/li>\n<li class=\"\">[security] Leakage issue with knowledge base (CVE-2020-15217)<\/li>\n<li class=\"\">[security] Stored XSS in install script (CVE-2020-15177)<\/li>\n<li class=\"\">[security] Minor SQL Injection in\u00a0<code>Search<\/code>\u00a0API (CVE-2020-15226)<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p>Note, some are present since a long time (0.68).<\/p>\n<p>\u00a0<\/p>\n<p>We also fixed a lot of issues, here are important ones:<\/p>\n<p>\u00a0<\/p>\n<ul>\n<li class=\"\">mailgates issues:\n<ul>\n<li class=\"\">encoding errors<\/li>\n<li class=\"\">missing images in some tickets<\/li>\n<li class=\"\">exceptions for some particular messages<\/li>\n<\/ul>\n<\/li>\n<li class=\"\">a small notice (<code>listTables<\/code>) was visible while updating to 9.5.1.<\/li>\n<li class=\"\">in some rare cases, the encryption process of passwords could fail<\/li>\n<li class=\"\">For the dashboards:\n<ul>\n<li class=\"\">fix user preferences<\/li>\n<li class=\"\">fix overlap of mini dashboard above tickets list<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p>And we worked on improving the dashboards:<\/p>\n<ul>\n<li class=\"\">new summary widget<\/li>\n<li class=\"\">new articles widget<\/li>\n<li class=\"\">display labels on point and bar (with a new available option)<\/li>\n<li class=\"\">cards have now a minimum size<\/li>\n<li class=\"\"><strong>we added personnal filters.<\/strong>\u00a0Toggle edit mode, and add filters on top of dashboards.<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p>The\u00a0<strong><a href=\"https:\/\/github.com\/glpi-project\/glpi\/milestone\/43?closed=1\" target=\"_blank\" rel=\"noreferrer noopener\">full changelog is available<\/a><\/strong>\u00a0for more details.<\/p>\n<p>We would like to thank all people who contributed to this new version and all those who contributes regularly to the GLPI project!<\/p>\n<p>Regards.<\/p>\n<p>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>After several weeks, Teclib\u2019 is happy to announce the release of GLPI 9.5.2. \u00a0 This release fixes several security issues that has been recently discovered. Update is strongly recommended! \u00a0 You can download the\u00a0GLPI 9.5.2 archive\u00a0on GitHub. Here is the list of security flaws detected and fixed in this version: [security] SQL injection with a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[155],"tags":[42],"class_list":["post-409895","post","type-post","status-publish","format-standard","hentry","category-versions","tag-glpi-releases"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/posts\/409895","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/comments?post=409895"}],"version-history":[{"count":1,"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/posts\/409895\/revisions"}],"predecessor-version":[{"id":436433,"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/posts\/409895\/revisions\/436433"}],"wp:attachment":[{"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/media?parent=409895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/categories?post=409895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.glpi-project.org\/fr\/wp-json\/wp\/v2\/tags?post=409895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}