[ubuntu/oneiric] phpmyadmin 4:3.4.3.1-1 (Accepted)
Micah Gersten
launchpad at micahscomputing.com
Thu Jul 7 17:28:54 UTC 2011
phpmyadmin (4:3.4.3.1-1) unstable; urgency=high
* New upstream security release:
* Fixed possible session manipulation in swekey authentication, see
PMASA-2011-5 (CVE-2011-2505).
* Fixed possible code injection incase session variables are compromised,
see PMASA-2011-6 (CVE-2011-2506).
* Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
(CVE-2011-2507).
* Fixed filtering of a file path, which allowed for directory traversal, see
PMASA-2011-8 (CVE-2011-2508).
Date: Thu, 07 Jul 2011 17:28:26 +0000
Changed-By: Micah Gersten <launchpad at micahscomputing.com>
Maintainer: Thijs Kinkhorst <thijs at debian.org>
Origin: Debian/unstable
https://launchpad.net/ubuntu/oneiric/+source/phpmyadmin/4:3.4.3.1-1
-------------- next part --------------
Origin: Debian/unstable
Format: 1.7
Date: Thu, 07 Jul 2011 17:28:26 +0000
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source
Version: 4:3.4.3.1-1
Distribution: oneiric
Urgency: high
Maintainer: Thijs Kinkhorst <thijs at debian.org>
Changed-By: Micah Gersten <launchpad at micahscomputing.com>
Description:
phpmyadmin - MySQL web administration tool
Files:
c175c6c3fe3224dcf8b05b215ee5075b 52829 web extra phpmyadmin_3.4.3.1-1.debian.tar.gz
c8640fb85ceb98e502d0586d7d1359e9 6109877 web extra phpmyadmin_3.4.3.1.orig.tar.gz
3f0888c0f860b68ef76617457a36ad41 1879 web extra phpmyadmin_3.4.3.1-1.dsc
Changes:
phpmyadmin (4:3.4.3.1-1) unstable; urgency=high
.
* New upstream security release:
* Fixed possible session manipulation in swekey authentication, see
PMASA-2011-5 (CVE-2011-2505).
* Fixed possible code injection incase session variables are compromised,
see PMASA-2011-6 (CVE-2011-2506).
* Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
(CVE-2011-2507).
* Fixed filtering of a file path, which allowed for directory traversal, see
PMASA-2011-8 (CVE-2011-2508).
More information about the Oneiric-changes
mailing list