Sicherheit: Mangelnde Rechteprüfung in php-pear-CAS
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in php-pear-CAS
ID: FEDORA-2017-2a90185a04
Distribution: Fedora
Plattformen: Fedora 25
Datum: So, 23. April 2017, 09:32
Referenzen: Keine Angabe
Applikationen: php-pear-CAS



Fedora Update Notification
2017-04-22 03:35:57.948061

Name : php-pear-CAS
Product : Fedora 25
Version : 1.3.5
Release : 1.fc25
URL : https://wiki.jasig.org/display/CASC/phpCAS
Summary : Central Authentication Service client library in php
Description :
This package is a PEAR library for using a Central Authentication Service.

Autoloader '%{pear_phpdir}/CAS/Autoload.php';


Update Information:

**Changes in version 1.3.5** * Security Fixes: * Fix possible
authentication bypass in validateCAS20 [#228] (Gregory Boddin) * Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet) * Fixed
translations Greek and Japanese [#192] (ikari7789) * Fix errors under
[#204] (MasonM) * Fix logout replication error [#213] (Gregory Boddin) *
Improvement: * Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
Improved verification of supplied CA arguments [#172] (Joachim Fritschi) *
Change minimum supported php version to 5.4 in documentation (Joachim
* Add message to CAS_Authentication_Exception [#197] (Baldinof) * Ingnore
composer related files and directories [#201] (greg0ire) * Add setter for
cas client [#206] (greg0ire) * Add callback for attribute parsing [#205]
(Gregory Boddin) * Added setter for base url [#208] (LeopardDennis) *
Fix documentation of code documentation [#216] (erozqba) * Improved https
detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin) * Add
language support for simplified chinese [#227] (phy25)

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade php-pear-CAS' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten