Hi,
sorry for that. But the PEAR support was broken somehow during our
major overhaul of the package an we somehow missed to fix that issue
before 1.3.0.
An issue is already open at github [1] and we will package an updated
version as soon as possible.
Cheers,
Joachim
[1] https://github.com/Jasig/phpCAS/issues/30
On 13.03.2012 21:19, Charles H. Leggett wrote:
Joachim et al.,
I am having trouble installing phpCAS (CAS-1.3.0) with pear …
chl@www:~$ sudo pear install
http://downloads.jasig.org/cas-clients/php/1.3.0/CAS-1.3.0.tgz
downloading CAS-1.3.0.tgz ...
Starting to download CAS-1.3.0.tgz (89,183 bytes)
.....................done: 89,183 bytes
could not extract the package.xml file from
"/build/buildd/php5-5.3.6/pear-build-download/CAS-1.3.0.tgz"
Download of "http://downloads.jasig.org/cas-clients/php/1.3.0/CAS-1.3.0.tgz";
succeeded, but it is not a valid package archive
Invalid or missing remote package file
install failed
chl@www:~$
… I was able to install CAS-1.2.2 without issue ...
chl@www:~$ sudo pear install
http://downloads.jasig.org/cas-clients/php/1.2.2/CAS-1.2.2.tgz
downloading CAS-1.2.2.tgz ...
Starting to download CAS-1.2.2.tgz (363,264 bytes)
.........................................................................done:
363,264 bytes
install ok: channel://__uri/CAS-1.2.2
chl@www:~$
Here's my environment:
chl@www:~$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=11.10
DISTRIB_CODENAME=oneiric
DISTRIB_DESCRIPTION="Ubuntu 11.10"
chl@www:~$ uname -a
Linux www 3.0.0-16-server #29-Ubuntu SMP Tue Feb 14 13:08:12 UTC 2012 x86_64
x86_64 x86_64 GNU/Linux
chl@www:~$
Let me know if you would like more information from me.
On Mar 11, 2012, at 6:38 AM, Joachim Fritschi wrote:
Dear CAS Community,
we are pleased to announce the new 1.3.0 release [1] for phpCAS. This release
is a continuation of the 1.2.x tree.
Since we were forced to do some changes that touched the external user api,
package layout, licensing (now Apache License) and the behavior we have opted
to bump the version number to make this clear to the users.
For most users the release should be a drop-in replacement but especially
people using the proxy features of phpCAS should have a closer look at the
Changelog [2] and the Upgrading docs [3]
The current release also fixes 2 security problems. (CVE-2012-1104,
CVE-2012-1105): phpCAS did not validate proxy tickets and their chain properly.
Any authorized proxy with a valid user PT could proxy any other service for the
user.
The other issue was the missing protection of the debug log or locally stored
session files on proxy mode. This especially relevant in shared server
environments. For details please refer to the Changelog[2] and the issues on
github/jira [5].
Thanks to everyone who contributed and made this release possible. This release
contains a lot of new features [2] and also a lot more and better
documentation. [4]
Cheers,
Joachim
[1] http://downloads.jasig.org/cas-clients/php/1.3.0/
[2] https://github.com/Jasig/phpCAS/blob/master/docs/ChangeLog
[3] https://github.com/Jasig/phpCAS/blob/master/docs/Upgrading
[4] https://wiki.jasig.org/display/CASC/phpCAS
[5] https://github.com/Jasig/phpCAS
--
You are currently subscribed to cas-dev@lists.jasig.org as: c...@uga.edu
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
--
Charles H. Leggett
Information Security Architect
c...@uga.edu
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
