Publishing details

Published on 2024-07-24

Changelog

ocsinventory-server (2.8.1+dfsg1-1ubuntu0.1) jammy-security; urgency=medium

  * Fixed PHP 8 compatibility issues
    - debian/patches/fix-php8-compatibility.patch.
  * Fixed CAS authentication
    - debian/patches/fix_cas_auth.patch: added missing required configuration.
  * Added patch to support php-cas fixed for CVE-2022-39369
    - debian/patches/fix-php-cas-api-change-for-cve-2023-39369.patch
  * SECURITY UPDATE: Authentication bypass vulnerability in PHP-CAS Client.php
    - debian/patches/CVE-2022-39369.patch: Add ServerName classes and required
      service_name constructor argument.
    - CVE-2022-39369

 -- Federico Quattrin <email address hidden>  Wed, 24 Jul 2024 10:20:05 -0300

Available diffs

diff from 2.8.1+dfsg1-1 (in Debian) to 2.8.1+dfsg1-1ubuntu0.1 (11.0 KiB)

Builds

amd64

Built packages

ocsinventory-reports Hardware and software inventory tool (Administration Console)

ocsinventory-server Hardware and software inventory tool (Communication Server)

Package files

ocsinventory-reports_2.8.1+dfsg1-1ubuntu0.1_all.deb (1.1 MiB)
ocsinventory-server_2.8.1+dfsg1-1ubuntu0.1.debian.tar.xz (27.0 KiB)
ocsinventory-server_2.8.1+dfsg1-1ubuntu0.1.dsc (2.0 KiB)
ocsinventory-server_2.8.1+dfsg1-1ubuntu0.1_all.deb (79.9 KiB)
ocsinventory-server_2.8.1+dfsg1.orig.tar.xz (1.3 MiB)