Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 22 Jul 2014 14:45:04 +0200
From: Raphael Geissert <>
To: Open Source Security <>
Subject: GLPI: unprivileged users can access cost information


A bug has been identified by Simone Imeri in GLPI where a user without
access to cost information can in fact see the information when
selecting cost as a search criteria[1]. This is fixed by commit [2]
which appears to have been included for version  0.84.7 [3].

I believe this should get a CVE id.


Raphael Geissert - Debian Developer -

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ