Debian Security Advisory
DSA-3059-1 dokuwiki -- security update
- Date Reported:
- 29 Oct 2014
- Affected Packages:
- dokuwiki
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-8761, CVE-2014-8762, CVE-2014-8763, CVE-2014-8764.
- More information:
-
Two vulnerabilities have been discovered in dokuwiki. Access control in the media manager was insufficiently restricted and authentication could be bypassed when using Active Directory for LDAP authentication.
For the stable distribution (wheezy), these problems have been fixed in version 0.0.20120125b-2+deb7u1.
For the unstable distribution (sid), these problems have been fixed in version 0.0.20140929.a-1.
We recommend that you upgrade your dokuwiki packages.