[Bug 1578300] Re: Sync phpmyadmin 4:4.6.0-2 (universe) from Debian unstable (main)

Robie Basak 1578300 at bugs.launchpad.net
Wed May 4 16:40:24 UTC 2016 

This bug was fixed in the package phpmyadmin - 4:4.6.0-2
Sponsored for Nish Aravamudan (nacc)

---------------
phpmyadmin (4:4.6.0-2) unstable; urgency=medium

  * Do not assume PHP 5 for the upgrade script (Closes: #820881).
  * Simplify PHP dependencies, mixed PHP 5/7 setup never really worked, so
    let's depend on one PHP version only (Closes: #821592, #820881, #819521).
  * Bump standards to 3.9.8.

 -- Michal Čihař <nijel at debian.org>  Wed, 27 Apr 2016 08:55:48 +0200

phpmyadmin (4:4.6.0-1) unstable; urgency=medium

  * New upstream release.
  * Let dbconfig-common handle error states (Closes: #818314).

 -- Michal Čihař <nijel at debian.org>  Tue, 12 Apr 2016 15:16:40 +0200

phpmyadmin (4:4.5.5.1-2) unstable; urgency=medium

  * Prefer PHP 7 over PHP 5 in dependencies to make it more straightforward
    for new installs (Closes: #816462, #816466).
  * Fix upgrade for automatically upgraded configuration storage
    (Closes: #802855, #813190).

 -- Michal Čihař <nijel at debian.org>  Wed, 09 Mar 2016 16:41:03 +0100

phpmyadmin (4:4.5.5.1-1) unstable; urgency=high

  * New upstream release, fixes security issues:
    - XSS vulnerability in SQL parser
      (CVE-2016-2559, PMASA-2016-10).
    - Multiple XSS vulnerabilities
      (CVE-2016-2560, PMASA-2016-11).
    - Multiple XSS vulnerabilities
      (CVE-2016-2561, PMASA-2016-12).
    - Vulnerability allowing man-in-the-middle attack on API call to GitHub
      (CVE-2016-2562, PMASA-2016-13).

 -- Michal Čihař <nijel at debian.org>  Tue, 01 Mar 2016 10:03:38 +0100

phpmyadmin (4:4.5.5-2) unstable; urgency=medium

  [ Michal Čihař ]
  * Adjust dependencies to split of extensions in PHP 7.0 packages.

  [ Thijs Kinkhorst ]
  * Fix include of gettext in sql-parser library (closes: #815917).
  * Checked for policy 3.9.7, no changes.

 -- Thijs Kinkhorst <thijs at debian.org>  Sun, 28 Feb 2016 17:43:45 +0000

phpmyadmin (4:4.5.5-1) unstable; urgency=medium

  * New upstream release.

 -- Michal Čihař <nijel at debian.org>  Wed, 24 Feb 2016 16:17:32 +0100

** Changed in: phpmyadmin (Ubuntu)
       Status: New => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2559

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2560

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2561

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-2562

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1578300

Title:
  Sync phpmyadmin 4:4.6.0-2 (universe) from Debian unstable (main)

Status in phpmyadmin package in Ubuntu:
  Fix Released

Bug description:
  Please sync phpmyadmin 4:4.6.0-2 (universe) from Debian unstable
  (main)

  Explanation of the Ubuntu delta and why it can be dropped:
    * Update to PHP7.0 dependencies (LP: #1564169)

  debian/README.Debian: purely a textual change that can be dropped for
  now and a patch will be pushed to Debian.
  debian/conf/apache.conf: has been added upstream as a separate mod_php
  conditional.
  debian/control: has been modified in Debian to only depend on PHP7.0
  packages.

  Changelog entries since current yakkety version 4:4.5.4.1-2ubuntu1:

  phpmyadmin (4:4.6.0-2) unstable; urgency=medium

    * Do not assume PHP 5 for the upgrade script (Closes: #820881).
    * Simplify PHP dependencies, mixed PHP 5/7 setup never really worked, so
      let's depend on one PHP version only (Closes: #821592, #820881, #819521).
    * Bump standards to 3.9.8.

   -- Michal Čihař <nijel at debian.org>  Wed, 27 Apr 2016 08:55:48 +0200

  phpmyadmin (4:4.6.0-1) unstable; urgency=medium

    * New upstream release.
    * Let dbconfig-common handle error states (Closes: #818314).

   -- Michal Čihař <nijel at debian.org>  Tue, 12 Apr 2016 15:16:40 +0200

  phpmyadmin (4:4.5.5.1-2) unstable; urgency=medium

    * Prefer PHP 7 over PHP 5 in dependencies to make it more straightforward
      for new installs (Closes: #816462, #816466).
    * Fix upgrade for automatically upgraded configuration storage
      (Closes: #802855, #813190).

   -- Michal Čihař <nijel at debian.org>  Wed, 09 Mar 2016 16:41:03 +0100

  phpmyadmin (4:4.5.5.1-1) unstable; urgency=high

    * New upstream release, fixes security issues:
      - XSS vulnerability in SQL parser
        (CVE-2016-2559, PMASA-2016-10).
      - Multiple XSS vulnerabilities
        (CVE-2016-2560, PMASA-2016-11).
      - Multiple XSS vulnerabilities
        (CVE-2016-2561, PMASA-2016-12).
      - Vulnerability allowing man-in-the-middle attack on API call to GitHub
        (CVE-2016-2562, PMASA-2016-13).

   -- Michal Čihař <nijel at debian.org>  Tue, 01 Mar 2016 10:03:38 +0100

  phpmyadmin (4:4.5.5-2) unstable; urgency=medium

    [ Michal Čihař ]
    * Adjust dependencies to split of extensions in PHP 7.0 packages.

    [ Thijs Kinkhorst ]
    * Fix include of gettext in sql-parser library (closes: #815917).
    * Checked for policy 3.9.7, no changes.

   -- Thijs Kinkhorst <thijs at debian.org>  Sun, 28 Feb 2016 17:43:45
  +0000

  phpmyadmin (4:4.5.5-1) unstable; urgency=medium

    * New upstream release.

   -- Michal Čihař <nijel at debian.org>  Wed, 24 Feb 2016 16:17:32 +0100

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/1578300/+subscriptions

More information about the Ubuntu-sponsors mailing list