Hi Lucas, > I uploaded version 4.2.12-2+deb8u4 of phpmyadmin to: > > https://people.debian.org/~kanashiro/jessie_lts/phpmyadmin/ > > It has patches fixing CVE-2018-19968 and CVE-2018-19970. I did not have > the time to determine whether jessie is affected by CVE-2018-19969 > (requested by sunweaver), I did some superficial investigation with no > confirmation yet. This month I'll not have enough time to continue the > investigation. > > I'd appreciate some review and testing, specially related to > CVE-2018-19968, the debdiff is attached if it helps.
will have a look later today, thanks ! cheers, Hugo -- Hugo Lefeuvre (hle) | www.owl.eu.com RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
Description: PGP signature