=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2007/VULN552
_____________________________________________________________________

DATE                      : 28/12/2007

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Dokeos.

======================================================================
http://www.dokeos.com/forum/viewtopic.php?t=12232
______________________________________________________________________

Hi all,

There has been two security holes detected in Dokeos last week. We have
been working as quickly and seriously as possible to get you a patch in
time for the new year.

The details of the patch and what it fixes can be found on our wiki: 
http://www.dokeos.com/wiki/index.php/Security

Basically, you download the patch and uncompress it in you dokeos folder
and it will overwrite the existing files that need to be fixed.

This patch only works with Dokeos 1.8.4 so if you are still using an
older version, we highly recommend upgrading to 1.8.4. However, there is
a procedure described on the wiki page to fix one of these two bugs (the
most worrying one), and the second one shouldn't be present in Dokeos <1.8.0

======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================