[Bug 306699] [NEW] please sync phpmyadmin for intrepid with 4:2.11.8.1-4 from debian unstable
Launchpad Bug Tracker
306699 at bugs.launchpad.net
Mon Dec 15 19:23:22 UTC 2008
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Jamie Strandboge (jdstrand):
Binary package hint: phpmyadmin
Intrepid is currently: 4:2.11.8.1-1
>From the debian changelog:
phpmyadmin (4:2.11.8.1-4) unstable; urgency=high
* Add fix for cross site scripting in pmd_pdf.php.
[PMASA-2008-9, CVE-2008-4775]
* Fix encoding of Norwegian from latin-1 to utf-8
(Closes: #501735)
-- Thijs Kinkhorst <thijs at debian.org> Fri, 31 Oct 2008 11:34:28 +0100
phpmyadmin (4:2.11.8.1-3) unstable; urgency=high
* Security fix: strip NUL bytes from to be sanitised strings
to prevent cross site scripting in MSIE.
[PMASA-2008-8, CVE-2008-4326]
-- Thijs Kinkhorst <thijs at debian.org> Wed, 24 Sep 2008 07:25:54 +0200
phpmyadmin (4:2.11.8.1-2) unstable; urgency=high
* Security fix: remote code execution by authenticated users
[CVE-2008-4096, PMASA-2008-7]
* Disallow access to libraries dir when using lighttpd.
-- Thijs Kinkhorst <thijs at debian.org> Sat, 20 Sep 2008 12:22:20 +0200
** Affects: phpmyadmin (Ubuntu)
Importance: Undecided
Status: New
--
please sync phpmyadmin for intrepid with 4:2.11.8.1-4 from debian unstable
https://bugs.launchpad.net/bugs/306699
You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list