Описание
ELSA-2016-2809: ipsilon security update (IMPORTANT)
[1.0.0-13]
- Backport patch for CVE-2016-8638 RHBZ#1394116
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ipsilon
1.0.0-13.el7_3
ipsilon-authform
1.0.0-13.el7_3
ipsilon-authgssapi
1.0.0-13.el7_3
ipsilon-authldap
1.0.0-13.el7_3
ipsilon-base
1.0.0-13.el7_3
ipsilon-client
1.0.0-13.el7_3
ipsilon-filesystem
1.0.0-13.el7_3
ipsilon-infosssd
1.0.0-13.el7_3
ipsilon-persona
1.0.0-13.el7_3
ipsilon-saml2
1.0.0-13.el7_3
ipsilon-saml2-base
1.0.0-13.el7_3
ipsilon-tools-ipa
1.0.0-13.el7_3
Oracle Linux x86_64
ipsilon
1.0.0-13.el7_3
ipsilon-authform
1.0.0-13.el7_3
ipsilon-authgssapi
1.0.0-13.el7_3
ipsilon-authldap
1.0.0-13.el7_3
ipsilon-base
1.0.0-13.el7_3
ipsilon-client
1.0.0-13.el7_3
ipsilon-filesystem
1.0.0-13.el7_3
ipsilon-infosssd
1.0.0-13.el7_3
ipsilon-persona
1.0.0-13.el7_3
ipsilon-saml2
1.0.0-13.el7_3
ipsilon-saml2-base
1.0.0-13.el7_3
ipsilon-tools-ipa
1.0.0-13.el7_3
Связанные CVE
Связанные уязвимости
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active sessions from other users. It is also called a "SAML2 multi-session vulnerability."
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active sessions from other users. It is also called a "SAML2 multi-session vulnerability."
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 bef ...
