
Fedora 10 Critical: phpMyAdmin 3.1.3.1 XSS And File Issues

March 25, 2009
Upgrade enhances phpMyAdmin 3.1.3.2, addressing significant security issues regarding XSS and file inclusion flaws in CentOS.

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in 50 languages.

Improvements for 3.1.3.1:

- [security] HTTP Response Splitting and file inclusion vulnerabilities
- [security] XSS vulnerability on export page
- [security] Insufficient output sanitizing when generating configuration file

Change Log

* Wed Mar 25 2009 Robert Scheck 3.1.3.1-1
- Upstream released 3.1.3.1 (#492066)

* Sun Mar 1 2009 Robert Scheck 3.1.3-1
- Upstream released 3.1.3

* Mon Feb 23 2009 Robert Scheck 3.1.2-2
- Rebuilt against rpm 4.6

* Tue Jan 20 2009 Robert Scheck 3.1.2-1
- Upstream released 3.1.2

* Thu Dec 11 2008 Robert Scheck 3.1.1-1
- Upstream released 3.1.1 (#475954)

* Sat Nov 29 2008 Robert Scheck 3.1.0-1
- Upstream released 3.1.0
- Replaced LocationMatch with Directory directive (#469451)

References

[1] Bug #492066 - phpMyAdmin: Insufficient output sanitizing when generating configuration file (PMASA-2009-3)
https://bugzilla.redhat.com/show_bug.cgi?id=492066

Update Instructions

To install this update, run su -c 'yum update phpMyAdmin' at the command line.

For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
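A fleet check for this update, as an added example that is not part of the original advisory: it flags hosts whose phpMyAdmin package is older than the fixed 3.1.3.1-1.fc10 build. The host names and inventory lines are constructed, the function names are hypothetical, and the comparison handles numeric dotted versions only, not rpm's full version-comparison algorithm.

```shell
#!/bin/sh
# Added example (not from the advisory): find hosts still on a pre-fix phpMyAdmin.
FIXED_VERSION="3.1.3.1"   # advisory: Version 3.1.3.1
FIXED_RELEASE="1"         # advisory: Release 1.fc10 (leading numeric field)

# ver_lt A B: succeed if dotted numeric version A is strictly older than B.
# Missing fields count as 0, so 3.1.3 is older than 3.1.3.1.
ver_lt() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1
}

# needs_update VERSION-RELEASE
#   0 = older than the fixed build, 1 = fixed or newer, 2 = not parseable.
# Expected input is what `rpm -q --qf '%{VERSION}-%{RELEASE}\n' phpMyAdmin` prints.
needs_update() {
    case $1 in *-*) ;; *) return 2 ;; esac
    ver=${1%-*}; rel=${1##*-}; rel=${rel%%.*}   # "1.fc10" -> "1"
    case "$ver.$rel" in *[!0-9.]*|.*|*.) return 2 ;; esac
    ver_lt "$ver" "$FIXED_VERSION" && return 0
    ver_lt "$FIXED_VERSION" "$ver" && return 1
    ver_lt "$rel" "$FIXED_RELEASE"
}

# audit: read "host version-release" lines on stdin, print hosts needing the update.
audit() {
    while read -r host evr; do
        if needs_update "$evr"; then echo "$host"; fi
    done
}

# Constructed inventory; versions are taken from the change log, hosts are made up.
audit <<'EOF'
web01 3.1.3-1.fc10
web02 3.1.3.1-1.fc10
web03 3.1.2-2.fc10
EOF
```

On a single Fedora 10 host, feed the function the output of the `rpm -q` query shown in the comment instead of the sample inventory.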

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/


Severity: critical

Product: Fedora 10
Version: 3.1.3.1
Release: 1.fc10
Summary: Web based MySQL browser written in php
