Advisories » MGASA-2014-0387

Updated php-pear-CAS packages fix CVE-2014-4172

Publication date: 24 Sep 2014
Modification date: 24 Sep 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-4172

Description

Updated php-pear-CAS packages fix security vulnerabilities:

A flaw in php-pear-CAS before 1.3.3, utilized by Moodle, has been found which
could potentially allow unauthorised access and privilege escalation
(CVE-2014-4172).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=14139
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4172

SRPMS

3/core

• php-pear-CAS-1.3.3-1.mga3

4/core

• php-pear-CAS-1.3.3-1.mga4