You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Jérôme Leleu (JIRA)" <ji...@apache.org> on 2014/09/15 13:10:34 UTC

[jira] [Commented] (SHIRO-518) Shiro-CAS: Security Problem in cas-client-core versions older than 3.3.2

    [ https://issues.apache.org/jira/browse/SHIRO-518?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14133790#comment-14133790 ] 

Jérôme Leleu commented on SHIRO-518:
------------------------------------

You're right. Do you plan to provide a patch or do you want me to handle it?


> Shiro-CAS: Security Problem in cas-client-core versions older than 3.3.2
> ------------------------------------------------------------------------
>
>                 Key: SHIRO-518
>                 URL: https://issues.apache.org/jira/browse/SHIRO-518
>             Project: Shiro
>          Issue Type: Bug
>          Components: Authentication (log-in), Web
>    Affects Versions: 1.2.0, 1.2.1, 1.2.2
>            Reporter: Philipp Berger
>            Priority: Blocker
>             Fix For: 1.2.3, 1.3.0, 2.0.0
>
>   Original Estimate: 20m
>  Remaining Estimate: 20m
>
> There is a Security Problem in cas-client-core for all versions before 3.3.2.
> Please update version of cas-client-core in pom.xml of shiro-cas.
> For more information, please visit the following links:
> https://issues.jasig.org/browse/CASC-228
> https://www.mail-archive.com/cas-user@lists.jasig.org/msg17338.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)