*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Jamie Strandboge
(jdstrand):
Binary package hint: phpmyadmin
Intrepid is currently: 4:2.11.8.1-1
>From the debian changelog:
phpmyadmin (4:2.11.8.1-4) unstable; urgency=high
* Add fix for cross site scripting in pmd_pdf.php.
[PMASA-2008-9, CVE-2008-4775]
* Fix encoding of Norwegian from latin-1 to utf-8
(Closes: #501735)
-- Thijs Kinkhorst <[email protected]> Fri, 31 Oct 2008 11:34:28 +0100
phpmyadmin (4:2.11.8.1-3) unstable; urgency=high
* Security fix: strip NUL bytes from to be sanitised strings
to prevent cross site scripting in MSIE.
[PMASA-2008-8, CVE-2008-4326]
-- Thijs Kinkhorst <[email protected]> Wed, 24 Sep 2008 07:25:54 +0200
phpmyadmin (4:2.11.8.1-2) unstable; urgency=high
* Security fix: remote code execution by authenticated users
[CVE-2008-4096, PMASA-2008-7]
* Disallow access to libraries dir when using lighttpd.
-- Thijs Kinkhorst <[email protected]> Sat, 20 Sep 2008 12:22:20 +0200
** Affects: phpmyadmin (Ubuntu)
Importance: Undecided
Status: New
--
please sync phpmyadmin for intrepid with 4:2.11.8.1-4 from debian unstable
https://bugs.launchpad.net/bugs/306699
You received this bug notification because you are a member of Ubuntu Bugs,
which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
