Accepted phpmyadmin 4:4.5.4-1 (source all) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted phpmyadmin 4:4.5.4-1 (source all) into unstable
From: Michal Čihař <nijel@debian.org>
Date: Thu, 28 Jan 2016 09:56:20 +0000
Message-id: <[🔎] E1aOjJM-0006l2-Pw@franck.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 28 Jan 2016 09:41:38 +0100
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source all
Version: 4:4.5.4-1
Distribution: unstable
Urgency: high
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Michal Čihař <nijel@debian.org>
Description:
 phpmyadmin - MySQL web administration tool
Closes: 811452
Changes:
 phpmyadmin (4:4.5.4-1) unstable; urgency=high
 .
   * New upstream release, fixes security issues:
     - Multiple full path disclosure vulnerabilities
     (PMASA-2016-1/CVE-2016-2038).
     - Unsafe generation of XSRF/CSRF token.
     (PMASA-2016-2/CVE-2016-2039).
     - Multiple XSS vulnerabilities.
     (PMASA-2016-3/CVE-2016-2040).
     - Insecure password generation in JavaScript.
     (PMASA-2016-4/CVE-2016-1927).
     - Unsafe comparison of XSRF/CSRF token.
     (PMASA-2016-5/CVE-2016-2041).
     - Multiple full path disclosure vulnerabilities.
     (PMASA-2016-6/CVE-2016-2042).
     - XSS vulnerability in normalization page.
     (PMASA-2016-7/CVE-2016-2043).
     - Full path disclosure vulnerability in SQL parser.
     (PMASA-2016-8/CVE-2016-2044).
     - XSS vulnerability in SQL editor.
     (PMASA-2016-9/CVE-2016-2045).
   * Add dependency on dbconfig-mysql (Closes: #811452).
   * Update upstream keyring as there is new release manager.
Checksums-Sha1:
 93e21050e13ae0e10a85428fcce946efb05ba238 1919 phpmyadmin_4.5.4-1.dsc
 e7a2744decb10f7cb28b252b211ff2d798783961 5810856 phpmyadmin_4.5.4.orig.tar.xz
 77182ad47d822c2dad02bd48f244e63606608013 76888 phpmyadmin_4.5.4-1.debian.tar.xz
 73e55a1d300a4ed94499eb6a2d30ed3be54ba93d 4017758 phpmyadmin_4.5.4-1_all.deb
Checksums-Sha256:
 898ef676ce45155a24895b3d39c62c099055879241e9df333e451155d8ba478c 1919 phpmyadmin_4.5.4-1.dsc
 544670aea61d40c1a6e569f0955de2725c354f61c959870749b525d6b3d503dd 5810856 phpmyadmin_4.5.4.orig.tar.xz
 23582ebd2d80a81e8a594fc00e71d6a4dffbf66f1a8e469b10653bc804a36a77 76888 phpmyadmin_4.5.4-1.debian.tar.xz
 705339f9e65f8f268b2cffe09b4718010558f245be779178245af203498cf938 4017758 phpmyadmin_4.5.4-1_all.deb
Files:
 7263cb6c02d9a6144fab11f092df9b46 1919 web extra phpmyadmin_4.5.4-1.dsc
 039646ceede77e78979500756875fdab 5810856 web extra phpmyadmin_4.5.4.orig.tar.xz
 e43f70938825d44e40f2547c16749956 76888 web extra phpmyadmin_4.5.4-1.debian.tar.xz
 8f051a7147d42f14e5fd5f74d24ad6b6 4017758 web extra phpmyadmin_4.5.4-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWqdTDAAoJEJwnsxNCt1EdZgAQAIZ1m+SkhcSLO77yxgcMMsgQ
sSWQlM+aBJtzsLm+cA5CNm0IIv4PIsPuVBwZtbwJEH0mwHdx1BSbruvnWEe1YFAB
iVO3X+l46Y9wBTMz3Z4r7nqmVc/plOxXKYQTzj+jv3h/6l1HMOdrYWp39howYznu
b/6OcfBciJE0Bk6R++gZVFBRkL1EnRSVfCyAQe+yCl5EfzpkRvsSgsPQj/XpM0/C
+QCr6tDMBXPt7pij2pYxe7ZPufjxob07Bawi42uY+RA1tOyCcXMndzBZYnJc18UH
NKWliLUxdoiaoGM7k0/4bFpKD+gSnLRsXnsAS3Nu+rDptXq6KVc2iV+PEarBC0PN
E6PbIPT+1KEJNE6A+isUXDZ0e9PXOEU9+Lv/kbL1lg/gDoIa99V1FZZkRuNXDV3T
ZVziakq9oDJ+4iQ2DoflCJ2SD7xn6xfj4pC2zc1bY8hTQoMQHpsOLLHk0RuV0wCh
3RsxWLQkHoVLEVUcM8y6HgFLEkPU7PRZPnWYurCp+OygnLyelPTqK2e3DRYs69LJ
ZF1ij4Al/CZeuTMQX9BCDcB/OvkLbrB7vqDxgOz+xHOPFz/qbc7I/6/tQ/yW3UOF
uBXyeAcjMT8Iyq5R4V6znxJVrnuXW28DofKyOKYuYwYwGbzlkbMhZ86T89jU1TYh
wy58NxNs0dnMrc8CoVea
=0p3d
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted maven-plugin-tools 3.3-4 (source all) into unstable
Next by Date: Accepted silverjuke 16.1.2-2 (source amd64) into unstable
Previous by thread: Accepted maven-plugin-tools 3.3-4 (source all) into unstable
Next by thread: Accepted silverjuke 16.1.2-2 (source amd64) into unstable
Index(es):
- Date
- Thread