-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3059-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff October 29, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : dokuwiki CVE ID : CVE-2014-8761 CVE-2014-8762 CVE-2014-8763 CVE-2014-8764 Two vulnerabilities have been discovered in dokuwiki. Access control in the media manager was insufficiently restricted and authentication could be bypassed when using Active Directory for LDAP authentication. For the stable distribution (wheezy), these problems have been fixed in version 0.0.20120125b-2+deb7u1. For the unstable distribution (sid), these problems have been fixed in version 0.0.20140929.a-1. We recommend that you upgrade your dokuwiki packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUUTDUAAoJEBDCk7bDfE42VjwP/iHt/wO7rlL+1ClvL0JtqFe3 AQRhLwZE/abLsu1JSjBcB4uT58YnI/woP2IvMK02MxRdMFUbllqEQUvfM+XQo/mh HtvC9AjwzY6E4qeudWtkfzA4t4+g3OHEoboo6Phaj34ZteaCoJEZslfD0o/WpGDV igNFxCqvczCUQLGOcvgB+2LOTvVhUjQCjuUhdNvhHe/jehdpXbYC01CqigEQzQSy Sfbbz6mlnj3/PLSY9bMVGQGmhOgr5q17MMhO8OW4sBVPLvNomUHqIySEeo46xhOI x4we68w4pa4aV8W80ke/VkIn1AiqjEXwMzs/Go5N+Skuwwy77H4UZGq6aq4U9qYT 5NPGCHwFDuC2vC7zC52rcs0GW5MAn5So3pkZx+t8je07O2pWVA31+Q2OBsbLWBMJ 8LkAXiZOAuNafmIOCHvA1fys6mSxP9E+TSN5ssUcFRlcn7vOeIbvmEpXvRt/Kggm QqiRfNVqkeaiPWacV9TaycyzZsM71dxQFPWutyln4zCCqT1waxT5ry9MRz3pAEHG k5gE5lEjqYHWwmpHXt246tQ93PcdjcetLr2V8LCBQuzEHczfSXSAuNfTcHNuGoYX ch06m3nwT+NqPY8uM57a39z4KerzndO6+xb+pav+FWB3zjfj9VffqPUn6eH7skpO 574YUoKw2HZRmPgfY3Qj =6JJe -----END PGP SIGNATURE-----