#24422 – Multiple phpCAS library vulnerabilities: CVE-2010-2795, CVE-2010-2796, CVE-2010-3690, CVE-2010-3691, CVE-2010-3692

Bug 24422 - Multiple phpCAS library vulnerabilities: CVE-2010-2795, CVE-2010-2796, CVE-2010-3690, CVE-2010-3691, CVE-2010-3692

Summary: Multiple phpCAS library vulnerabilities: CVE-2010-2795, CVE-2010-2796, CVE-20...

Status:	CLOSED FIXED

Alias:	None

Product:	Sisyphus
Classification:	Development
Component:	moodle (show other bugs)
Version:	unstable
Hardware:	all Linux

Importance:	P3 blocker
Assignee:	Andrey Cherepanov
QA Contact:	qa-sisyphus

URL:	http://moodle.org/mod/forum/discuss.p...
Keywords:	security

Depends on:
Blocks:

Reported:	2010-10-26 01:39 MSD by Vladimir Lettiev
Modified:	2012-01-04 23:16 MSK (History)
CC List:	2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Vladimir Lettiev 2010-10-26 01:39:53 MSD

The CAS authentication plugin is using the phpCAS library internally. The latest version contains fixes for multiple security problems.

Fixed in moodle >= 1.9.10

Comment 1 Michael Shigorin 2012-01-04 23:16:41 MSK

moodle-1.9.15.20111223-alt1 сойдёт?