[Frugalware-git] homepage-ng: FSA713-phpmyadmin

Miklos Vajna Sun, 10 Apr 2011 12:51:33 -0700

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=633b358dbc5f303bfc2592b94875d654388cc361


commit 633b358dbc5f303bfc2592b94875d654388cc361
Author: Miklos Vajna <vmik...@frugalware.org>
Date:   Sun Apr 10 21:38:04 2011 +0200

FSA713-phpmyadmin

diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index eefa541..2939e26 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,19 @@

<fsas>
<fsa>
+               <id>713</id>
+               <date>2011-04-10</date>
+               <author>Miklos Vajna</author>
+               <package>phpmyadmin</package>
+               <vulnerable>3.3.9-1</vulnerable>
+               <unaffected>3.3.9.2-1nexon1<unaffected>
+               <bts>http://bugs.frugalware.org/task/4424</bts>
+               
<cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0987</cve>
+               <desc>A security issue has been reported in phpMyAdmin, which 
can be exploited by malicious users to bypass certain security restrictions.
+The security issue is caused due to an error within the handling of bookmarked 
SQL queries, which can be exploited to e.g. trick other users into executing 
unintended bookmarked SQL queries.
+Successful exploitation requires that the bookmarks functionality is enabled 
and the configuration storage is set up and enabled.</desc>
+       </fsa>
+       <fsa>
<id>712</id>
<date>2011-02-13</date>
<author>Miklos Vajna</author>
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git

[Frugalware-git] homepage-ng: FSA713-phpmyadmin

Reply via email to