|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2007-3639 (phpMyAdmin)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 8 Update: phpMyAdmin-2.11.2.2-1.fc8


Date:
    	      Wed, 21 Nov 2007 20:34:18 -0700


Message-ID:
    	      <200711220334.lAM3Y5V4020993@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-3639
2007-11-22 03:34:14.685087
--------------------------------------------------------------------------------

Name        : phpMyAdmin
Product     : Fedora 8
Version     : 2.11.2.2
Release     : 1.fc8
URL         : http://www.phpmyadmin.net/
Summary     : Web based MySQL browser written in php
Description :
phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the Web. Currently it can create and drop databases,
create/drop/alter tables, delete/edit/add fields, execute any SQL statement,
manage keys on fields, manage privileges,export data into various formats and
is available in 50 languages

--------------------------------------------------------------------------------
Update Information:

The login page (auth_type cookie) was vulnerable to XSS via the convcharset parameter
(PMASA-2007-8).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Nov 21 2007 Robert Scheck <robert@fedoraproject.org> 2.11.2.2-1
- Upstream released 2.11.2.2 (#393771)
* Tue Nov 20 2007 Mike McGrath <mmcgrath@redhat.com> 2.11.2.1-1
- Upstream released new version
* Mon Oct 29 2007 Mike McGrath <mmcgrath@redhat.com> 2.11.2-1
* upstream released new version
* Mon Oct 22 2007 Mike McGrath <mmcgrath@redhat.com> 2.11.1.2-1
* upstream released new version
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #333661 - phpMyAdmin 2.11.1.2 is released (fixes CVE-2007-5386, CVE-2007-5589)
        https://bugzilla.redhat.com/show_bug.cgi?id=333661
  [ 2 ] Bug #356291 - phpMyAdmin 2.11.2 is released
        https://bugzilla.redhat.com/show_bug.cgi?id=356291
  [ 3 ] Bug #393771 - phpMyAdmin 2.11.2.2 is released
        https://bugzilla.redhat.com/show_bug.cgi?id=393771
  [ 4 ] Bug #385901 - CVE-2007-5976 CVE-2007-5977 phpMyAdmin multiple vulnerabilities [f8]
        https://bugzilla.redhat.com/show_bug.cgi?id=385901
  [ 5 ] Bug #385881 - CVE-2007-5976 db_create SQL Injection
        https://bugzilla.redhat.com/show_bug.cgi?id=385881
  [ 6 ] Bug #385921 - CVE-2007-5977 XSS in db_create
        https://bugzilla.redhat.com/show_bug.cgi?id=385921
--------------------------------------------------------------------------------
Updated packages:

715750b2c76d697316213a852f9bb26f6e42cd70 phpMyAdmin-2.11.2.2-1.fc8.noarch.rpm
cf8a11215428918585de1f71585c3896e8bd9b49 phpMyAdmin-2.11.2.2-1.fc8.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update phpMyAdmin' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds