| Release | Version |
|---|---|
| jessie | 1.3.3-1 |
| stretch | 1.3.3-4+deb9u1 |
| buster | 1.3.6-1 |
| buster (security) | 1.3.6-1+deb10u1 |
| bullseye | 1.3.8-1 |
| bookworm | 1.6.0-1 |
| trixie | 1.6.0-1 |
| sid | 1.6.0-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-39369 | vulnerable | fixed | fixed | vulnerable | fixed | fixed | fixed | phpCAS is an authentication library that allows PHP applications to ea ... |
| CVE-2017-1000071 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass i ... |
| Bug | Description |
|---|---|
| CVE-2014-4172 | A URL parameter injection vulnerability was found in the back-channel ... |
| CVE-2012-5583 | phpCAS before 1.3.2 does not verify that the server hostname matches a ... |
| DSA / DLA | Description |
|---|---|
| ELA-890-1 | php-cas - security update |
| DLA-3485-1 | php-cas - security update |
| DSA-3017-1 | php-cas - security update |