- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2018-d809bd2fd6
2018-03-25 21:23:11.048265
——————————————————————————–
Name : php-simplesamlphp-saml2_1
Product : Fedora 26
Version : 1.10.6
Release : 1.fc26
URL : https://github.com/simplesamlphp/saml2
Summary : SAML2 PHP library from SimpleSAMLphp (version 1)
Description :
A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1],
used by OpenConext [2]. This library started as a collaboration between
UNINETT [3] and SURFnet [4] but everyone is invited to contribute.
Autoloader: /usr/share/php/SAML2_1/autoload.php
[1] https://www.simplesamlphp.org/
[2] https://www.openconext.org/
[3] https://www.uninett.no/
[4] https://www.surfnet.nl/
——————————————————————————–
Update Information:
* [SSPSA 201803-01 /
CVE-2018-7711](https://simplesamlphp.org/security/201803-01) * [SSPSA 201802-01
/ CVE-2018-7644](https://simplesamlphp.org/security/201802-01) * [SSPSA
201801-01 / CVE-2018-6519](https://simplesamlphp.org/security/201801-01)
——————————————————————————–
References:
[ 1 ] Bug #1553357 – CVE-2018-7711 php-simplesamlphp-saml2: Authentication Bypass in the signature validation utilities
https://bugzilla.redhat.com/show_bug.cgi?id=1553357
[ 2 ] Bug #1553352 – CVE-2018-7644 php-simplesamlphp-saml2: Signature Validation Bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1553352
[ 3 ] Bug #1542244 – CVE-2018-6519 php-simplesamlphp-saml2: Denial of Service in xs:DateTime timestamp in SAML2 library
https://bugzilla.redhat.com/show_bug.cgi?id=1542244
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-simplesamlphp-saml2_1’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2018-f4ab4d96f9
2018-03-25 21:23:11.048351
——————————————————————————–
Name : php-simplesamlphp-saml2
Product : Fedora 26
Version : 2.3.8
Release : 1.fc26
URL : https://github.com/simplesamlphp/saml2
Summary : SAML2 PHP library from SimpleSAMLphp
Description :
A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1],
used by OpenConext [2]. This library started as a collaboration between
UNINETT [3] and SURFnet [4] but everyone is invited to contribute.
Autoloader: /usr/share/php/SAML2/autoload.php
[1] https://www.simplesamlphp.org/
[2] https://www.openconext.org/
[3] https://www.uninett.no/
[4] https://www.surfnet.nl/
——————————————————————————–
Update Information:
* [SSPSA 201803-01 /
CVE-2018-7711](https://simplesamlphp.org/security/201803-01) * [SSPSA 201802-01
/ CVE-2018-7644](https://simplesamlphp.org/security/201802-01) * [SSPSA
201801-01 / CVE-2018-6519](https://simplesamlphp.org/security/201801-01)
——————————————————————————–
References:
[ 1 ] Bug #1553357 – CVE-2018-7711 php-simplesamlphp-saml2: Authentication Bypass in the signature validation utilities
https://bugzilla.redhat.com/show_bug.cgi?id=1553357
[ 2 ] Bug #1553352 – CVE-2018-7644 php-simplesamlphp-saml2: Signature Validation Bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1553352
[ 3 ] Bug #1542244 – CVE-2018-6519 php-simplesamlphp-saml2: Denial of Service in xs:DateTime timestamp in SAML2 library
https://bugzilla.redhat.com/show_bug.cgi?id=1542244
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-simplesamlphp-saml2’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2018-f2097d8937
2018-03-25 21:23:11.048386
——————————————————————————–
Name : php-simplesamlphp-saml2_3
Product : Fedora 26
Version : 3.1.4
Release : 1.fc26
URL : https://github.com/simplesamlphp/saml2
Summary : SAML2 PHP library from SimpleSAMLphp (version 3)
Description :
A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1],
used by OpenConext [2]. This library started as a collaboration between
UNINETT [3] and SURFnet [4] but everyone is invited to contribute.
Autoloader: /usr/share/php/SAML2_3/autoload.php
[1] https://www.simplesamlphp.org/
[2] https://www.openconext.org/
[3] https://www.uninett.no/
[4] https://www.surfnet.nl/
——————————————————————————–
Update Information:
* [SSPSA 201803-01 /
CVE-2018-7711](https://simplesamlphp.org/security/201803-01) * [SSPSA 201802-01
/ CVE-2018-7644](https://simplesamlphp.org/security/201802-01) * [SSPSA
201801-01 / CVE-2018-6519](https://simplesamlphp.org/security/201801-01)
——————————————————————————–
References:
[ 1 ] Bug #1553357 – CVE-2018-7711 php-simplesamlphp-saml2: Authentication Bypass in the signature validation utilities
https://bugzilla.redhat.com/show_bug.cgi?id=1553357
[ 2 ] Bug #1553352 – CVE-2018-7644 php-simplesamlphp-saml2: Signature Validation Bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1553352
[ 3 ] Bug #1542244 – CVE-2018-6519 php-simplesamlphp-saml2: Denial of Service in xs:DateTime timestamp in SAML2 library
https://bugzilla.redhat.com/show_bug.cgi?id=1542244
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-simplesamlphp-saml2_3’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2018-96601292a2
2018-03-25 21:48:21.221958
——————————————————————————–
Name : php-simplesamlphp-saml2_1
Product : Fedora 27
Version : 1.10.6
Release : 1.fc27
URL : https://github.com/simplesamlphp/saml2
Summary : SAML2 PHP library from SimpleSAMLphp (version 1)
Description :
A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1],
used by OpenConext [2]. This library started as a collaboration between
UNINETT [3] and SURFnet [4] but everyone is invited to contribute.
Autoloader: /usr/share/php/SAML2_1/autoload.php
[1] https://www.simplesamlphp.org/
[2] https://www.openconext.org/
[3] https://www.uninett.no/
[4] https://www.surfnet.nl/
——————————————————————————–
Update Information:
* [SSPSA 201803-01 /
CVE-2018-7711](https://simplesamlphp.org/security/201803-01) * [SSPSA 201802-01
/ CVE-2018-7644](https://simplesamlphp.org/security/201802-01) * [SSPSA
201801-01 / CVE-2018-6519](https://simplesamlphp.org/security/201801-01)
——————————————————————————–
References:
[ 1 ] Bug #1553357 – CVE-2018-7711 php-simplesamlphp-saml2: Authentication Bypass in the signature validation utilities
https://bugzilla.redhat.com/show_bug.cgi?id=1553357
[ 2 ] Bug #1553352 – CVE-2018-7644 php-simplesamlphp-saml2: Signature Validation Bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1553352
[ 3 ] Bug #1542244 – CVE-2018-6519 php-simplesamlphp-saml2: Denial of Service in xs:DateTime timestamp in SAML2 library
https://bugzilla.redhat.com/show_bug.cgi?id=1542244
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-simplesamlphp-saml2_1’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2018-6db40b0c37
2018-03-25 21:48:21.222007
——————————————————————————–
Name : php-simplesamlphp-saml2
Product : Fedora 27
Version : 2.3.8
Release : 1.fc27
URL : https://github.com/simplesamlphp/saml2
Summary : SAML2 PHP library from SimpleSAMLphp
Description :
A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1],
used by OpenConext [2]. This library started as a collaboration between
UNINETT [3] and SURFnet [4] but everyone is invited to contribute.
Autoloader: /usr/share/php/SAML2/autoload.php
[1] https://www.simplesamlphp.org/
[2] https://www.openconext.org/
[3] https://www.uninett.no/
[4] https://www.surfnet.nl/
——————————————————————————–
Update Information:
* [SSPSA 201803-01 /
CVE-2018-7711](https://simplesamlphp.org/security/201803-01) * [SSPSA 201802-01
/ CVE-2018-7644](https://simplesamlphp.org/security/201802-01) * [SSPSA
201801-01 / CVE-2018-6519](https://simplesamlphp.org/security/201801-01)
——————————————————————————–
References:
[ 1 ] Bug #1553357 – CVE-2018-7711 php-simplesamlphp-saml2: Authentication Bypass in the signature validation utilities
https://bugzilla.redhat.com/show_bug.cgi?id=1553357
[ 2 ] Bug #1553352 – CVE-2018-7644 php-simplesamlphp-saml2: Signature Validation Bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1553352
[ 3 ] Bug #1542244 – CVE-2018-6519 php-simplesamlphp-saml2: Denial of Service in xs:DateTime timestamp in SAML2 library
https://bugzilla.redhat.com/show_bug.cgi?id=1542244
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-simplesamlphp-saml2’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2018-37e28670f2
2018-03-25 21:48:21.222030
——————————————————————————–
Name : php-simplesamlphp-saml2_3
Product : Fedora 27
Version : 3.1.4
Release : 3.fc27
URL : https://github.com/simplesamlphp/saml2
Summary : SAML2 PHP library from SimpleSAMLphp (version 3)
Description :
A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1],
used by OpenConext [2]. This library started as a collaboration between
UNINETT [3] and SURFnet [4] but everyone is invited to contribute.
Autoloader: /usr/share/php/SAML2_3/autoload.php
[1] https://www.simplesamlphp.org/
[2] https://www.openconext.org/
[3] https://www.uninett.no/
[4] https://www.surfnet.nl/
——————————————————————————–
Update Information:
* [SSPSA 201803-01 /
CVE-2018-7711](https://simplesamlphp.org/security/201803-01) * [SSPSA 201802-01
/ CVE-2018-7644](https://simplesamlphp.org/security/201802-01) * [SSPSA
201801-01 / CVE-2018-6519](https://simplesamlphp.org/security/201801-01)
——————————————————————————–
References:
[ 1 ] Bug #1553357 – CVE-2018-7711 php-simplesamlphp-saml2: Authentication Bypass in the signature validation utilities
https://bugzilla.redhat.com/show_bug.cgi?id=1553357
[ 2 ] Bug #1553352 – CVE-2018-7644 php-simplesamlphp-saml2: Signature Validation Bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1553352
[ 3 ] Bug #1542244 – CVE-2018-6519 php-simplesamlphp-saml2: Denial of Service in xs:DateTime timestamp in SAML2 library
https://bugzilla.redhat.com/show_bug.cgi?id=1542244
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade php-simplesamlphp-saml2_3’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
| Autor | Vlatka Misic |
| Cert id | NCERT-REF-2018-03-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
