[SECURITY] [DLA 3002-1] adminer security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3002-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
May 13, 2022 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : adminer
Version : 4.2.5-3+deb9u3
CVE ID : CVE-2021-43008
It was discovered that there was an issue in the web-based database
tool Adminer whereby an attacker could have performed an Arbitrary
File Read on the remote server by requesting Adminer connect to a
crafted remote MySQL database.
For Debian 9 "Stretch", this problem has been fixed in version
4.2.5-3+deb9u3.
We recommend that you upgrade your adminer packages.
For the detailed security status of adminer please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/adminer
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmJ+j5YACgkQHpU+J9Qx
Hlh6og//YlkuWzF4vnjl98j+9EyKaDxNYK2ASgpUSM4IrV1TW4LQqv9R+WNiZUIg
x9FRhXTgEBh3ANZeGQqLDKlszNRZhS5sBwVxjuI2lU1b4j6guI/mRti5sAXf5Bbb
I7YnlOdtfVu3Ap9ZzNvagQiRJNPgbNjOz3xAGsbSl6kvHCI2mqDb1hZzHbrOpEtf
Cn0LSah7St6V4LTqbaOiHw+WR6C5gf7Hu3hntxLozaXBYshLWgmUgLWblfNonNst
a39AbWgCtoK+aPJQd4VbRo2rwpNllEiR+6zR8IFnIpFN0mpOmnpdf2gq5fyhxmW0
rksWoH9on2+Mx6wRfKpAI1kOG17t7z2iTrBhjEjEnTiI3TIeb7fdnFoHTcKH5FYU
JavRjp7DNRPfk44zwUA99J0ysyLuAIrH6VMQI7IbSVnC24YBKBxaDCKr5Xl1txGL
B50EcAt3dKIUVNRfmfZiPQCoNTIYXCB5ionkGc9AReebKc/pFJJpDC3/Kw9usGin
JYV4pXIY9CFzKMrVEH13dDTcKcSPo1ZS+DSTP/0Z/xVgMEtbd0MJWFzdHY6Y3OdN
NVrbRRQ1j3QjoyoBQW1cSuIF84QWkMC5eRETNuJCHYXkFlaQIZbjXU4avS2MB5Qh
NRJ4A01zIo3PsLQK3dAWTFSpNiIf8BZ2pGYz4A20MC70RoqskUQ=
=I96e
-----END PGP SIGNATURE-----
Reply to: