Fedora 24 : php-pear-CAS (2017-d9d620366e)

high Nessus Plugin ID 99614

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

**Changes in version 1.3.5**

- Security Fixes :

- Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)

- Bug Fixes :

- Fix file permissions (non-executable) [#177] (Remi Collet)

- Fixed translations Greek and Japanese [#192] (ikari7789)

- Fix errors under phpdbg [#204] (MasonM)

- Fix logout replication error [#213] (Gregory Boddin)

- Improvement :

- Add more debug info to logout code [#95] (Joachim Fritschi)

- Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)

- Improved verification of supplied CA arguments [#172] (Joachim Fritschi)

- Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)

- Add message to CAS_Authentication_Exception [#197] (Baldinof)

- Ingnore composer related files and directories [#201] (greg0ire)

- Add setter for cas client [#206] (greg0ire)

- Add callback for attribute parsing [#205] (Gregory Boddin)

- Added setter for base url [#208] (LeopardDennis)

- Fix documentation of code documentation [#216] (erozqba)

- Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)

- Add language support for simplified chinese [#227] (phy25)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php-pear-CAS package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2017-d9d620366e

Plugin Details

Severity: High

ID: 99614

File Name: fedora_2017-d9d620366e.nasl

Version: 3.4

Type: local

Agent: unix

Published: 4/24/2017

Updated: 1/6/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php-pear-cas, cpe:/o:fedoraproject:fedora:24

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 4/22/2017

Vulnerability Publication Date: 4/22/2017

Reference Information