Is there a CVE number that corresponds with the vulnerability? The CVE number will help me to get approval for an unplanned upgrade to the CAS servers.
Thanks, Nancy Snoke From: [email protected] [mailto:[email protected]] On Behalf Of Misagh Moayyed Sent: Thursday, September 29, 2016 10:57 AM To: [email protected]; [email protected]; CAS Announce <[email protected]>; [email protected] Subject: [cas-dev] CAS 4.2.6 Release Announcement CAS 4.2.6 has been released. Among other things, this release addresses a rather serious security issue where successfully exercising this vulnerability may allow an adversary to gain insight into the running CAS server. If you have deployed **any version** of CAS 4.2.x, you **MUST** take action to upgrade. If you have deployed any **other** versions of CAS, disregard this issue. -- Misagh -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/. CONFIDENTIALITY NOTICE: This e-mail, including any attachments, may contain confidential, privileged and/or proprietary information which is solely for the use of the intended recipient(s). Any review, use, disclosure or retention by others is strictly prohibited. If you are not an intended recipient, please contact the sender and delete this e-mail, any attachments and all copies. Permanent General Assurance Corporation | Permanent General Assurance Corporation of Ohio | The General Automobile Insurance Company, Inc. | Home Office: 2636 Elm Hill Pike, Nashville, TN 37214 -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-dev/.
