Mageia alert MGASA-2012-0240 (phpmyadmin) [LWN.net]


From:
    	       Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	       updates-announce@ml.mageia.org 
Subject:
    	       [updates-announce] MGASA-2012-0240: phpmyadmin-3.5.2.2-1.1.mga (1,
 2/core) 
Date:
    	       Sun, 26 Aug 2012 23:18:04 +0200
Message-ID:
    	       <20120826211804.GA3420@valstar.mageia.org>
Archive-link:
    	       Article, Thread
              
MGASA-2012-0240
Date: 	August 23rd, 2012
Affected releases: 	1, 2


Description:
Updated phpmyadmin package fixes bugs and security vulnerabilities:

- [security] Fixed XSS vulnerabilities, see PMASA-2012-4
- bug #3521416 [interface] JS error when editing index
- bug #3521313 [core] Call to undefined function __()
- bug #3521016 [edit] NOW() function incorrectly selected
- bug [GUI] Invalid HTML code on transformation_overview.php
- bug #3522930 [browse] Missing validation in Ajax mode
- bug Fix popup message on build SQL of import
- bug #3523499 [core] Make X-WebKit-CSP work better
- replace Highcharts with jqplot for query profiling, zoom search
- bug #3531584 [interface] No form validation in change password dialog
- bug #3531585 [interface] Broken password validation in copy user form
- bug #3531586 [unterface] Add user form prints JSON when user presses enter
- bug #3534121 [config] duplicate line in config.sample.inc.php
- bug #3534311 [interface] Grid editing incorrectly parses ENUM/SET values
- bug #3510196 [core] More clever URL rewriting with ForceSSL
- added missing requires for php-mysqli
    
    
Updated Packages:
Mageia 1:
phpmyadmin-3.5.2.2-1.1.mga1

Mageia 2:
phpmyadmin-3.5.2.2-1.1.mga2
    
    
References:
http://www.phpmyadmin.net/home_page/security/PMASA-2012-3...
http://www.phpmyadmin.net/home_page/security/PMASA-2012-4...
https://bugs.mageia.org/show_bug.cgi?id=6905
http://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0240
(Log in to post comments)