[Samba] LDAP Account Manager 8.0 with important security fixes, PHP 8.1 compatibility and new captcha providers
Roland Gruber
post at rolandgruber.de
Mon Jun 27 19:53:35 UTC 2022
Announcement:
LAM adds support for PHP 8.1. LAM Pro includes two new captcha
providers: hCaptcha and Friendly Captcha.
This release fixes the following security issues:
* Unauthenticated Arbitrary Object Instantiation / Unauthenticated
Remote Code Execution (GHSA-r387-grjx-qgvw, CVE-2022-31084)
* Incorrect Default Permissions (GHSA-q8g5-45m4-q95p, CVE-2022-31087)
* Incorrect Regular Expressions (GHSA-q9pc-x84w-982x, CVE-2022-31086)
* Unauthenticated LDAP Injection (GHSA-wxf8-9x99-6gp4, CVE-2022-31088)
* Reflected XSS (Internet Explorer only) (GHSA-6m3q-5c84-6h6j,
CVE-2022-31085)
Full changelog:
https://www.ldap-account-manager.org/lamcms/changelog
Download:
https://www.ldap-account-manager.org/lamcms/releases
Features:
* management of various account types
* Unix
* Samba 4/Active Directory
* Asterisk
* Kopano
* DHCP
* SSH keys
* ...
* profiles for account creation
* account creation via file upload
* automatic creation/deletion of home directories
* setting quotas
* PDF output for all accounts
* editor for organizational units
* schema browser
* tree view
* 2FA support
Demo installation:
You can try our demo installation online.
https://www.ldap-account-manager.org/lamcms/liveDemo
Authors & Copyright:
Copyright (C) 2003 - 2022:
Roland Gruber <post at rolandgruber.de>
LAM is published under the GNU General Public License.
The complete list of licenses can be found in the copyright file.
More information about the samba
mailing list