Your message dated Thu, 25 Jun 2009 23:00:30 +0200
with message-id <[email protected]>
and subject line Re: Bug#534618: /var/lib/phpmyadmin/config.inc.php gets broken
has caused the Debian Bug report #534618,
regarding /var/lib/phpmyadmin/config.inc.php gets broken
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
534618: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534618
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: phpmyadmin
Version: 4:2.11.8.1-5
Severity: normal
Hi,
I've no idea how the phpinfo() ended up in this file, but I've seen it on
multiple servers. Could this be a vulnerability in phpMyAdmin?
Or some bug in the Debian package?
Olaf
/var/lib/phpmyadmin/config.inc.php:
<?php
/*
* Generated configuration file
* Generated by: phpMyAdmin 2.11.8.1deb5 setup script by Michal Cihar
<[email protected]>
* Version: $Id: setup.php 11423 2008-07-24 17:26:05Z lem9 $
* Date: Sat, 13 Jun 2009 15:48:01 GMT
*/
/* Servers configuration */
$i = 0;
/* Server (config:root) [1] */
$i++;
$cfg['Servers'][$i]['host']=''; phpinfo();//'] = 'localhost';
$cfg['Servers'][$i]['extension'] = 'mysqli';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'root';
/* End of servers configuration */
?>
-- System Information:
Debian Release: 5.0.1
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages phpmyadmin depends on:
ii debconf [debconf-2 1.5.24 Debian configuration management sy
ii perl 5.10.0-19 Larry Wall's Practical Extraction
ii php5-cgi 5.2.6.dfsg.1-1+lenny3 server-side, HTML-embedded scripti
ii php5-mcrypt 5.2.6.dfsg.1-1+lenny3 MCrypt module for php5
ii php5-mysql 5.2.6.dfsg.1-1+lenny3 MySQL module for php5
Versions of packages phpmyadmin recommends:
ii lighttpd [httpd] 1.4.19-5 A fast webserver with minimal memo
ii php5-gd 5.2.6.dfsg.1-1+lenny3 GD module for php5
Versions of packages phpmyadmin suggests:
ii mysql-server 5.0.51a-24+lenny1 MySQL database server (metapackage
ii mysql-server-5.0 [mysq 5.0.51a-24+lenny1 MySQL database server binaries
-- debconf information:
phpmyadmin/setup-username: admin
* phpmyadmin/reconfigure-webserver:
--- End Message ---
--- Begin Message ---
Version: 4:3.1.3.1-1
Sid (and testing) have been fixed since 4:3.1.3.1-1.
We've released updates for etch and lenny just now.
This bug can therefore be closed.
cheers,
Thijs
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
