Fedora 21: FEDORA-2015-6392 Moderate Cherokee Authentication Bypass

April 27, 2015
This Cherokee web server update addresses a critical security loophole associated with LDAP authentication. Fedora 21 systems running Cherokee should apply it.

Summary

Cherokee is a very fast, flexible and easy to configure Web Server. It supports the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI, TLS and SSL encrypted connections, Virtual hosts, Authentication, on the fly encoding, Apache compatible log files, and much more.

Update Information:

Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds

Change Log

* Wed Apr 15 2015 Pavel Lisý - 1.2.103-6
- Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
- Resolves bz 1094901 - cherokee: script and/or trigger should not directly enable systemd units
- Resolves bz 959170 - cherokee-worker and cherokee-admin want to use execstack (EL5)

References


[ 1 ] Bug #1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1114461
[ 2 ] Bug #1094901 - cherokee: script and/or trigger should not directly enable systemd units
      https://bugzilla.redhat.com/show_bug.cgi?id=1094901

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update cherokee' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important

Name: cherokee
Product: Fedora 21
Version: 1.2.103
Release: 6.fc21
Summary: Flexible and Fast Webserver
