www/glpi: Security Update to 10.0.7

ChangeLog: https://github.com/glpi-project/glpi/releases/tag/10.0.7

• [SECURITY - High] SQL injection and Stored XSS via inventory agent request
• [SECURITY - High] Account takeover by authenticated user
• [SECURITY - High] SQL injection through dynamic reports
• [SECURITY - Moderate] Stored XSS through dashboard administration
• [SECURITY - Moderate] Stored XSS on external links
• [SECURITY - Moderate] Reflected XSS in search pages
• [SECURITY - Moderate] Privilege Escalation from technician to super-admin
• [SECURITY - Low] Blind Server-Side Request Forgery
• [SECURITY] Optional GLPI router to be able to use a safer web server root directory.
• [FEATURE] Support of SMTP OAuth authentication.
• [FEATURE] Improved inventory file upload feature.
• [FIX] Many fixes and improvements on native inventory.
• [FIX] Some bugs on PHP 8.2.
• [FIX] Caching issues on entities.
• [FIX] Boolean FullText operator not working on knowledge base search.
• [FIX] Unexpected search results when using negative condition on ticket actors.
• [FIX] Issues with LDAP filters/DN.
• [FIX] Unexpected results when searching on knowledge base categories.

PR: 271286
Reported by: mathias@monnerville.com (maintainer)
Security: CVE-2023-28632

		CVE-2023-28633
		CVE-2023-28634
		CVE-2023-28636
		CVE-2023-28639
		CVE-2023-28838
		CVE-2023-28849
		CVE-2023-28852

(cherry picked from commit 6fd976d1b3a5d248248c1c44393a7c921af9caea)