Advisories ยป MGASA-2014-0387

Updated php-pear-CAS packages fix CVE-2014-4172

Publication date: 24 Sep 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-4172

Description

Updated php-pear-CAS packages fix security vulnerabilities:

A flaw in php-pear-CAS before 1.3.3, utilized by Moodle, has been found which
could potentially allow unauthorised access and privilege escalation
(CVE-2014-4172).
                

References

SRPMS

3/core

4/core