Hi Antoine,

Thank you for the feedback! I've also performed some tests (I sent an
email about that almost at the same time as you :) and came up to the
same result.

After your report I'll upload the package now.


On 2/1/19 5:31 PM, Antoine Beaupré wrote:
> Hi,
> I've reviewed both patches and they look sane. I did some smoke tests on
> the package (installed it and mariadb in a VM) and it seems to run
> okay. I also did an naive attempt at exploiting CVE-2018-19970 but
> couldn't succeed, which can either mean I failed or the flaw is
> fixed. :)
> Good job,
> A.
> On 2019-01-29 15:27:59, Lucas Kanashiro wrote:
>> Hugo,
>> I just uploaded a new package fixing the issue that you pointed out here
>> again: https://people.debian.org/~kanashiro/jessie_lts/phpmyadmin/
>> I didn't perform any new testing yet, I want to do it soon. But if you
>> could have a try again it would be great.
>> Cheers.
>> On 1/29/19 11:37 AM, Hugo Lefeuvre wrote:
>>> Hi Lucas,
>>>> Great, sorry for being a victim of my lack of attention... I've never
>>>> used phpmyadmin (that's why I requested some testing) and my local tests
>>>> were so basic that they didn't catch this issue. Shame on me.
>>> That's 
>>> fine, main thing is issues have been found before upload :)
>>>> I'll fix it and perform some tests. Thanks for the review and the time
>>>> that you spent on this.
>>> I am available for testing the updated package if needed.
>>> cheers,
>>>  Hugo
>> -- 
>> Lucas Kanashiro

Lucas Kanashiro

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to