[ubuntu/jammy-updates] ocsinventory-server 2.8.1+dfsg1-1ubuntu0.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Jul 24 20:28:10 UTC 2024
ocsinventory-server (2.8.1+dfsg1-1ubuntu0.1) jammy-security; urgency=medium
* Fixed PHP 8 compatibility issues
- debian/patches/fix-php8-compatibility.patch.
* Fixed CAS authentication
- debian/patches/fix_cas_auth.patch: added missing required configuration.
* Added patch to support php-cas fixed for CVE-2022-39369
- debian/patches/fix-php-cas-api-change-for-cve-2023-39369.patch
* SECURITY UPDATE: Authentication bypass vulnerability in PHP-CAS Client.php
- debian/patches/CVE-2022-39369.patch: Add ServerName classes and required
service_name constructor argument.
- CVE-2022-39369
Date: 2024-07-24 14:51:10.172829+00:00
Changed-By: Federico Quattrin <federico.quattrin at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/ocsinventory-server/2.8.1+dfsg1-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list