Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20061123204939-dd049-ea9c65de2e9d9c9816a759a7f6ce93c1400134df.gz;
[FSA55-phpmyadmin voroskoi <[EMAIL PROTECTED]>**20061123204939] { hunk ./frugalware/xml/security.xml 29 + <fsa> + <id>55</id> + <date>2006-11-23</date> + <author>voroskoi</author> + <package>phpmyadmin</package> + <vulnerable>2.9.1_rc1-1siwenna1</vulnerable> + <unaffected>2.9.1.1-1siwenna1</unaffected> + <bts>http://bugs.frugalware.org/task/1417 + http://bugs.frugalware.org/task/1469</bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5718</cve> + <desc>Input containing UTF-7 encoded characters passed to the script which displays error messages is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. + Three other security issues fixed too, see http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-{7,8,9} for details.</desc> + </fsa> } _______________________________________________ Frugalware-darcs mailing list Frugalware-darcs@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-darcs