[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Review and testing phpmyadmin for Jessie LTS


I've reviewed both patches and they look sane. I did some smoke tests on
the package (installed it and mariadb in a VM) and it seems to run
okay. I also did an naive attempt at exploiting CVE-2018-19970 but
couldn't succeed, which can either mean I failed or the flaw is
fixed. :)

Good job,


On 2019-01-29 15:27:59, Lucas Kanashiro wrote:
> Hugo,
> I just uploaded a new package fixing the issue that you pointed out here
> again: https://people.debian.org/~kanashiro/jessie_lts/phpmyadmin/
> I didn't perform any new testing yet, I want to do it soon. But if you
> could have a try again it would be great.
> Cheers.
> On 1/29/19 11:37 AM, Hugo Lefeuvre wrote:
>> Hi Lucas,
>>> Great, sorry for being a victim of my lack of attention... I've never
>>> used phpmyadmin (that's why I requested some testing) and my local tests
>>> were so basic that they didn't catch this issue. Shame on me.
>> That's 
>> fine, main thing is issues have been found before upload :)
>>> I'll fix it and perform some tests. Thanks for the review and the time
>>> that you spent on this.
>> I am available for testing the updated package if needed.
>> cheers,
>>  Hugo
> -- 
> Lucas Kanashiro

Drowning people
Sometimes die
Fighting their rescuers.
                        - Octavia Butler

Reply to: