| ||||||||||||||||
Fedora alert FEDORA-2007-3666 (phpMyAdmin)
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-3666 2007-11-22 03:37:18.238627 -------------------------------------------------------------------------------- Name : phpMyAdmin Product : Fedora 7 Version : 2.11.2.2 Release : 1.fc7 URL : http://www.phpmyadmin.net/ Summary : Web based MySQL browser written in php Description : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and is available in 50 languages -------------------------------------------------------------------------------- Update Information: The login page (auth_type cookie) was vulnerable to XSS via the convcharset parameter (PMASA-2007-8). -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 21 2007 Robert Scheck <robert@fedoraproject.org> 2.11.2.2-1 - Upstream released 2.11.2.2 (#393771) * Tue Nov 20 2007 Mike McGrath <mmcgrath@redhat.com> 2.11.2.1-1 - Upstream released new version * Mon Oct 29 2007 Mike McGrath <mmcgrath@redhat.com> 2.11.2-1 * upstream released new version * Mon Oct 22 2007 Mike McGrath <mmcgrath@redhat.com> 2.11.1.2-1 * upstream released new version * Thu Sep 6 2007 Mike McGrath <mmcgrath@redhat.com> 2.11.0-1 - Upstream released new version - Altered sources file as required - Added proper license * Mon Jul 23 2007 Mike McGrath <mmcgrath@redhat.com> 2.10.3-1 - Upstream released new version -------------------------------------------------------------------------------- References: [ 1 ] Bug #333661 - phpMyAdmin 2.11.1.2 is released (fixes CVE-2007-5386, CVE-2007-5589) https://bugzilla.redhat.com/show_bug.cgi?id=333661 [ 2 ] Bug #356291 - phpMyAdmin 2.11.2 is released https://bugzilla.redhat.com/show_bug.cgi?id=356291 [ 3 ] Bug #393771 - phpMyAdmin 2.11.2.2 is released https://bugzilla.redhat.com/show_bug.cgi?id=393771 [ 4 ] Bug #385891 - CVE-2007-5976 CVE-2007-5977 phpMyAdmin multiple vulnerabilities [f7] https://bugzilla.redhat.com/show_bug.cgi?id=385891 [ 5 ] Bug #385881 - CVE-2007-5976 db_create SQL Injection https://bugzilla.redhat.com/show_bug.cgi?id=385881 [ 6 ] Bug #385921 - CVE-2007-5977 XSS in db_create https://bugzilla.redhat.com/show_bug.cgi?id=385921 -------------------------------------------------------------------------------- Updated packages: 09480ab0ccfc52b2dbca7b8b653c019073f05a1d phpMyAdmin-2.11.2.2-1.fc7.noarch.rpm 7889835f99bbb18be4f5aa4c8a3cb0c85959ea15 phpMyAdmin-2.11.2.2-1.fc7.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann... (Log in to post comments)
|
||||||||||||||||