Debian Security Advisory
DSA-2172-1 moodle -- several vulnerabilities
- Date Reported:
- 22 Feb 2011
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2010-2795, CVE-2010-2796, CVE-2010-3690, CVE-2010-3691, CVE-2010-3692.
- More information:
Several vulnerabilties have been discovered in phpCAS, a CAS client library for PHP. The Moodle course management system includes a copy of phpCAS.
For the oldstable distribution (lenny), this problem has been fixed in version 1.8.13-3.
The stable distribution (squeeze) already contains a fixed version of phpCAS.
The unstable distribution (sid) already contains a fixed version of phpCAS.
We recommend that you upgrade your moodle packages.