Category Archives: Fedora

Fedora – Security Updates

php-pear-CAS-1.3.5-1.fc25

**Changes in version 1.3.5**

* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)

* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)

* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)

php-pear-CAS-1.3.5-1.el6.1

**Changes in version 1.3.5**

* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)

* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)

* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)

php-pear-CAS-1.3.5-1.fc26

**Changes in version 1.3.5**

* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)

* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)

* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)

php-pear-CAS-1.3.5-1.fc24

**Changes in version 1.3.5**

* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)

* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)

* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)

proftpd-1.3.5e-1.el7

Current upstream maintenance release for the 1.3.5 series.

Includes fix for CVE-2017-7418, where not all path elements were checked for symlinks when using a chroot, so attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.

proftpd-1.3.5e-1.fc25

Current upstream maintenance release for the 1.3.5 series.

Includes fix for CVE-2017-7418, where not all path elements were checked for symlinks when using a chroot, so attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.

proftpd-1.3.5e-1.fc26

Current upstream maintenance release for the 1.3.5 series.

Includes fix for CVE-2017-7418, where not all path elements were checked for symlinks when using a chroot, so attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.

proftpd-1.3.5e-1.fc24

Current upstream maintenance release for the 1.3.5 series.

Includes fix for CVE-2017-7418, where not all path elements were checked for symlinks when using a chroot, so attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.