Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mangelnde Rechteprüfung in php-pear-CAS
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in php-pear-CAS
ID: FEDORA-2017-2f3096ba16
Distribution: Fedora
Plattformen: Fedora 26
Datum: Fr, 21. April 2017, 19:29
Referenzen: Keine Angabe

Originalnachricht

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2017-2f3096ba16
2017-04-21 14:26:09.115398
--------------------------------------------------------------------------------


Name : php-pear-CAS
Product : Fedora 26
Version : 1.3.5
Release : 1.fc26
URL : https://wiki.jasig.org/display/CASC/phpCAS
Summary : Central Authentication Service client library in php
Description :
This package is a PEAR library for using a Central Authentication Service.

Autoloader '%{pear_phpdir}/CAS/Autoload.php';

--------------------------------------------------------------------------------

Update Information:

**Changes in version 1.3.5** * Security Fixes: * Fix possible
authentication bypass in validateCAS20 [#228] (Gregory Boddin) * Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet) * Fixed
translations Greek and Japanese [#192] (ikari7789) * Fix errors under
phpdbg
[#204] (MasonM) * Fix logout replication error [#213] (Gregory Boddin) *
Improvement: * Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
*
Improved verification of supplied CA arguments [#172] (Joachim Fritschi) *
Change minimum supported php version to 5.4 in documentation (Joachim
Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof) * Ingnore
composer related files and directories [#201] (greg0ire) * Add setter for
cas client [#206] (greg0ire) * Add callback for attribute parsing [#205]
(Gregory Boddin) * Added setter for base url [#208] (LeopardDennis) *
Fix documentation of code documentation [#216] (erozqba) * Improved https
detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin) * Add
language support for simplified chinese [#227] (phy25)
--------------------------------------------------------------------------------


This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade php-pear-CAS' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung