Security Information / 2014 / Security Information -- DSA-3059-1 dokuwiki

Debian Security Advisory

DSA-3059-1 dokuwiki -- security update

Date Reported:

29 Oct 2014

Affected Packages:

dokuwiki

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2014-8761, CVE-2014-8762, CVE-2014-8763, CVE-2014-8764.

More information:

Two vulnerabilities have been discovered in dokuwiki. Access control in the media manager was insufficiently restricted and authentication could be bypassed when using Active Directory for LDAP authentication.

For the stable distribution (wheezy), these problems have been fixed in version 0.0.20120125b-2+deb7u1.

For the unstable distribution (sid), these problems have been fixed in version 0.0.20140929.a-1.

We recommend that you upgrade your dokuwiki packages.