phpmyadmin 4:4.6.5.1-1 source package in Ubuntu
Changelog
phpmyadmin (4:4.6.5.1-1) unstable; urgency=high
* New upstream release, fixing several security issues:
- Unsafe generation of $cfg['blowfish_secret']
(PMASA-2016-58)
- phpMyAdmin's phpinfo functionality is removed
(PMASA-2016-59)
- AllowRoot and allow/deny rule bypass with specially-crafted username
(PMASA-2016-60)
- Username matching weaknesses with allow/deny rules
(PMASA-2016-61)
- Possible to bypass logout timeout
(PMASA-2016-62)
- Full path disclosure (FPD) weaknesses
(PMASA-2016-63)
- Multiple XSS weaknesses
(PMASA-2016-64)
- Multiple denial-of-service (DOS) vulnerabilities
(PMASA-2016-65)
- Possible to bypass white-list protection for URL redirection
(PMASA-2016-66)
- BBCode injection to login page
(PMASA-2016-67)
- Denial-of-service (DOS) vulnerability in table partitioning
(PMASA-2016-68)
- Multiple SQL injection vulnerabilities
(PMASA-2016-69)
- Incorrect serialized string parsing
(PMASA-2016-70)
- CSRF token not stripped from the URL
(PMASA-2016-71)
-- Michal Čihař <email address hidden> Mon, 28 Nov 2016 10:22:19 +0100
Upload details
- Uploaded by:
- Thijs Kinkhorst
- Uploaded to:
- Sid
- Original maintainer:
- Thijs Kinkhorst
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| phpmyadmin_4.6.5.1-1.dsc | 1.9 KiB | 75694ace1fdb75c65140b6e364d02f1b914f0ee3d03f1229818cba4d89746495 |
| phpmyadmin_4.6.5.1.orig.tar.xz | 5.9 MiB | e163b08b6d1137fd7c48ea97e8e53be415b1937f5e5f7e070936a60c3b9a3df0 |
| phpmyadmin_4.6.5.1-1.debian.tar.xz | 77.5 KiB | 4e8da8b2b2899c4d5096f4fee6e7101b0536e5bcc8768253da555b842f491e34 |
Available diffs
- diff from 4:4.6.4+dfsg1-2 to 4:4.6.5.1-1 (187.6 KiB)
No changes file available.
Binary packages built by this source
- phpmyadmin: No summary available for phpmyadmin in ubuntu zesty.
No description available for phpmyadmin in ubuntu zesty.
