21 September 2013

Security alert

A security update (GLPI 0.84.2) was published on September 12th 2013 in order to correct a security issue in the installation process.

As always, we have highly incited our users to update their GLPI.

We have just discovered that a company is publishing on the web a complete script which enables to massively exploit this security issue.

In order to avoid any malevolence, we strongly and urgently recommend all our users to update their GLPI with the 0.84.2 version.

If you can’t update your GLPI, you can simply delete the ’intall/’ directory along with its content.

We totally disapprove of this kind of behaviour which, on the one hand, goes against the open-source ethics and on the other hand jeopardizes our users who are not responsible of our own mistakes.

Over the past tens years, we have always quoted and thanked the people who find security issues in our application. When such a problem occurs, our team of volunteers, who respect our users, work day and night to publish as quickly as possible a corrected version. It seems that not everyone is as respectful of users as we are...

[ Admin | ©2002-2018 INDEPNET ]

All published documents are on free licence Creative Commons BY-NC-SA.
Website build with SPIP by Jean-Mathieu Doléans and Fréderic Ginioux