This bug was fixed in the package phpmyadmin - 4:3.3.9-1ubuntu1
---------------
phpmyadmin (4:3.3.9-1ubuntu1) natty; urgency=low
* SECURITY UPDATE: Unvalidated input on error page (LP: #696857)
- debian/patches/CVE-2010-4480.patch: Don't use a redirect to the error page
- CVE-2010-4480
* SECURITY UPDATE: Possible information disclosure of phpinfo (same bug)
- debian/patches/CVE-2010-4481.patch: Don't skip authentication for
PMA_MINIMUM_COMMON
- CVE-2010-4481
phpmyadmin (4:3.3.9-1) experimental; urgency=low
* New upstream release.
* Fix connection settings when using dbconfig with remote MySQL server.
* Log when dbconfig generated settings are not accessible.
* Add Slovak debconf translation (Closes: #608702).
* Update Danish debconf translation (Closes: #608941).
-- Micah Gersten <[email protected]> Wed, 05 Jan 2011 23:42:17 -0600
** Changed in: phpmyadmin (Ubuntu Natty)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/696857
Title:
Fix CVE-2010-4480 and CVE-2010-4481
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
