[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted phpmyadmin 4:2.9.1.1-6 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed,  7 Nov 2007 14:41:34 +0100
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source all
Version: 4:2.9.1.1-6
Distribution: stable-security
Urgency: high
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description: 
 phpmyadmin - Administrate MySQL over the WWW
Closes: 446451
Changes: 
 phpmyadmin (4:2.9.1.1-6) stable-security; urgency=high
 .
   * Update for etch to address a security issue.
   * Cross-site scripting (XSS) vulnerability in scripts/setup.php in
     phpMyAdmin 2.11.1, when accessed by a browser that does not
     URL-encode requests, allows remote attackers to inject arbitrary
     web script or HTML via the query string.
     (CVE-2007-5386, PMASA-2007-5, closes: #446451)
 .
 phpmyadmin (4:2.9.1.1-5) stable-security; urgency=high
 .
   * Update for etch to address a security issue.
   * Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before
     2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via
     certain input available in (1) PHP_SELF in (a) server_status.php, and (b)
     grab_globals.lib.php, (c) display_change_password.lib.php, and (d)
     common.lib.php in libraries/; and certain input available in PHP_SELF and
     (2) PATH_INFO in libraries/common.inc.php.
     (CVE-2007-5589, PMASA-2007-6)
Files: 
 130531a7ffe3fd67421985abc0d7e3c1 1011 web extra phpmyadmin_2.9.1.1-6.dsc
 0ea3fc9730fb32d1587e0757d3fbee25 49749 web extra phpmyadmin_2.9.1.1-6.diff.gz
 be23322772089af7b429c01b65fe1469 3606276 web extra phpmyadmin_2.9.1.1-6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBRzHCuGz0hbPcukPfAQJIJAgAinZVcf8SLMIy1ILBbr2EYeuhsOf4eJ1R
5cfdEYjDxDBPtag+WTr0BH3kSuej5iYTCjwh1JxE1z7DtAc5YdDT70XN/iELk6WO
6Usmx8xhC3PtwOxGyjxoAk9yKygshlWk7oRmM6sqMqIYPmzVzAV8W/jpzRadVt7z
1HIAuJGLXc0sjwFCazUVHheaALf/e4vSKcO2EHRVK/+djo5/Ef9RwuffMdr0owFW
QbsO3/ni/VrhNscpfLMhUxdGNd3I1YtDjFcO1vU3Fl4oOSZUksIl3PD7xSue8jEf
SpUaXZ167Edi5A1LEEWUgDefsWTL9MpS+V+ZEcKm3sRJ0wu1+Pk21Q==
=BKhS
-----END PGP SIGNATURE-----


Accepted:
phpmyadmin_2.9.1.1-6.diff.gz
  to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-6.diff.gz
phpmyadmin_2.9.1.1-6.dsc
  to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-6.dsc
phpmyadmin_2.9.1.1-6_all.deb
  to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-6_all.deb


Reply to: