*** This bug is a security vulnerability ***
Public security bug reported:
Please sync phpmyadmin 4:3.3.7-3 (universe) from Debian unstable (main)
Changelog entries since current maverick version 4:3.3.7-2:
phpmyadmin (4:3.3.7-3) unstable; urgency=high
* Address two security issues (Closes: #608290):
- It was possible to display arbitrary text and link to external site
using parameters passed to particular script
(CVE-2010-4480, PMASA-2010-9).
- Phpinfo could be visible to not logged in users if this feature was
enabled (minor issue; CVE-2010-4481, PMASA-2010-10).
-- Thijs Kinkhorst <[email protected]> Thu, 30 Dec 2010 17:48:08 +0100
** Affects: phpmyadmin (Ubuntu)
Importance: Low
Status: New
** Affects: phpmyadmin (Ubuntu Maverick)
Importance: Low
Status: New
** Changed in: phpmyadmin (Ubuntu)
Importance: Undecided => Wishlist
** Also affects: phpmyadmin (Ubuntu Maverick)
Importance: Undecided
Status: New
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/696857
Title:
Sync phpmyadmin 4:3.3.7-3 (universe) from Debian testing (main) to
maverick-security
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
