[Bug 807086] [NEW] Sync phpmyadmin 4:3.4.3.1-1 (universe) from Debian unstable (main)
Launchpad Bug Tracker
807086 at bugs.launchpad.net
Thu Jul 7 16:07:31 UTC 2011
You have been subscribed to a public bug by Micah Gersten (micahg):
Please sync phpmyadmin 4:3.4.3.1-1 (universe) from Debian unstable
(main)
Changelog entries since current oneiric version 4:3.4.3-1:
phpmyadmin (4:3.4.3.1-1) unstable; urgency=high
* New upstream security release:
* Fixed possible session manipulation in swekey authentication, see
PMASA-2011-5 (CVE-2011-2505).
* Fixed possible code injection incase session variables are compromised,
see PMASA-2011-6 (CVE-2011-2506).
* Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
(CVE-2011-2507).
* Fixed filtering of a file path, which allowed for directory traversal, see
PMASA-2011-8 (CVE-2011-2508).
-- Michal Čihař <nijel at debian.org> Thu, 07 Jul 2011 08:53:41 +0200
** Affects: phpmyadmin (Ubuntu)
Importance: Wishlist
Status: Confirmed
--
Sync phpmyadmin 4:3.4.3.1-1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/807086
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is subscribed to the bug report.
More information about the ubuntu-archive
mailing list