An information disclosure vulnerability exists in Adobe Type Manager Font Driver (ATMFD.dll). The vulnerability is caused when the Adobe Type Manager Font Driver (ATMFD.dll) improperly handles objects in memory. An attacker can exploit this vulnerability by enticing a user to open a specially crafted document resulting in undesired information disclosure.
Category Archives: Security
Security
Microsoft Win32k Elevation of Privilege (CVE-2017-0189)
An elevation of privilege vulnerability exists in Windows. The vulnerability occurs when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode with full user rights.
Microsoft Windows Graphics Elevation of Privilege (CVE-2017-0155)
An elevation of privilege vulnerability exists in Windows Graphics Device Interface (GDI). The vulnerability is caused when the Windows Graphics Device Interface fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted file.
php-pear-CAS-1.3.5-1.el7
**Changes in version 1.3.5**
* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)
* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)
* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)
php-pear-CAS-1.3.5-1.fc25
**Changes in version 1.3.5**
* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)
* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)
* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)
php-pear-CAS-1.3.5-1.el6.1
**Changes in version 1.3.5**
* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)
* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)
* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)
php-pear-CAS-1.3.5-1.fc26
**Changes in version 1.3.5**
* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)
* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)
* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)
php-pear-CAS-1.3.5-1.fc24
**Changes in version 1.3.5**
* Security Fixes:
* Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin)
* Bug Fixes:
* Fix file permissions (non-executable) [#177] (Remi Collet)
* Fixed translations Greek and Japanese [#192] (ikari7789)
* Fix errors under phpdbg [#204] (MasonM)
* Fix logout replication error [#213] (Gregory Boddin)
* Improvement:
* Add more debug info to logout code [#95] (Joachim Fritschi)
* Allow longer ticket >32 chars for PGTStorage [#130] (Joachim Fritchi)
* Improved verification of supplied CA arguments [#172] (Joachim Fritschi)
* Change minimum supported php version to 5.4 in documentation (Joachim Fritschi)
* Add message to CAS_Authentication_Exception [#197] (Baldinof)
* Ingnore composer related files and directories [#201] (greg0ire)
* Add setter for cas client [#206] (greg0ire)
* Add callback for attribute parsing [#205] (Gregory Boddin)
* Added setter for base url [#208] (LeopardDennis)
* Fix documentation of code documentation [#216] (erozqba)
* Improved https detection by HTTP_X_FORWARDED_Protocol [#220] (Gregory Boddin)
* Add language support for simplified chinese [#227] (phy25)
Ubuntu Security Notice USN-3258-1
Ubuntu Security Notice 3258-1 – It was discovered that Dovecot incorrectly handled some usernames. An attacker could possibly use this issue to cause Dovecot to hang or crash, resulting in a denial of service.
Gentoo Linux Security Advisory 201704-03
Gentoo Linux Security Advisory 201704-3 – Multiple vulnerabilities have been found in X.Org server and libraries, the worse of which allowing local attackers to execute arbitrary code. Versions less than 1.19.2 are affected.