Oval Definition:oval:org.mitre.oval:def:26505
Revision Date:2014-10-27Version:4
Title:DSA-3017-1 php-cas - security update
Description:Marvin S. Addison discovered that Jasig phpCAS, a PHP library for the CAS authentication protocol, did not encode tickets before adding them to an URL, creating a possibility for cross site scripting.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-4172
DSA-3017-1
Platform(s):Debian GNU/kFreeBSD 7.0
Debian GNU/Linux 7.0
Product(s):php-cas
Definition Synopsis
  • Debian 7 is installed
  • AND GNU/Linux or GNU/kFreeBSD kernel
  • Debian GNU/Linux is installed
  • OR Debian GNU/kFreeBSD is installed
  • AND php-cas DPKG is earlier than 0:1.3.1-4+deb7u1
    • BACK