[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: phpmyadmin update (Was Re: last call for wheezy updates and remaining work for transition)

On 06/07/18 09:36, Emilio Pozuelo Monfort wrote:
> On 05/07/18 12:45, Abhijith PA wrote:
>>
>>
>> On Friday 22 June 2018 04:33 PM, Emilio Pozuelo Monfort wrote:
>>> Ah, nice! Your work looks very useful. My old work was for wheezy, so it only
>>> addressed one CVE (CVE-2017-18264). Since your work is on jessie (which is on a
>>> newer version) and fixes many more issues, I'll let you handle it. Let me know
>>> if you need a review or an upload when you are done with it.
>>>
>>> Cheers,
>>> Emilio
>>>
>>
>> Emilio
>>
>> Can you review and upload phpmyadmin. Debdiff is attached. Looks like
>> CVE-2018-10188 and CVE-2018-12581 are not affecting. Hence I am going to
>> mark it as not-affecting. Rest all are backported.
> 
> CVE-2016-6616.patch looks broken. Indeed, going into user groups causes a 500
> internal server error. The rest looks fine.

Fixed, retested, and uploaded, as per your request. I will release the DLA as I
guess you can't take care of that right now.

Cheers,
Emilio
Reply to: