please sync phpmyadmin for intrepid with 4:2.11.8.1-5 from debian stable
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
phpmyadmin (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Bug Description
Binary package hint: phpmyadmin
Intrepid is currently: 4:2.11.8.1-1
From the debian changelog:
phpmyadmin (4:2.11.8.1-5) unstable; urgency=high
* Add fix for SQL injection [PMASA-2008-10].
-- Thijs Kinkhorst <email address hidden> Tue, 09 Dec 2008 21:15:20 +0100
phpmyadmin (4:2.11.8.1-4) unstable; urgency=high
* Add fix for cross site scripting in pmd_pdf.php.
[PMASA-2008-9, CVE-2008-4775]
* Fix encoding of Norwegian from latin-1 to utf-8
(Closes: #501735)
-- Thijs Kinkhorst <email address hidden> Fri, 31 Oct 2008 11:34:28 +0100
phpmyadmin (4:2.11.8.1-3) unstable; urgency=high
* Security fix: strip NUL bytes from to be sanitised strings
to prevent cross site scripting in MSIE.
[PMASA-2008-8, CVE-2008-4326]
-- Thijs Kinkhorst <email address hidden> Wed, 24 Sep 2008 07:25:54 +0200
phpmyadmin (4:2.11.8.1-2) unstable; urgency=high
* Security fix: remote code execution by authenticated users
[CVE-
* Disallow access to libraries dir when using lighttpd.
-- Thijs Kinkhorst <email address hidden> Sat, 20 Sep 2008 12:22:20 +0200
description: | updated |
Changed in phpmyadmin (Ubuntu): | |
status: | New → Confirmed |
summary: |
- please sync phpmyadmin for intrepid with 4:2.11.8.1-5 from debian - testing + please sync phpmyadmin for intrepid with 4:2.11.8.1-5 from debian stable |
For Jaunty the 4:3.1.2-1 (universe) is already synced from Debian experimental (main). See bug 324299 for more information.
Please note that the newest in debian stable is 4:2.11.8.1-5
I suggest that this bug would be marked as fixed/confirmed and dupplicate of bug 324299.