Fedora 10 phpMyAdmin 3.2.0.1 Moderate XSS Impact and Security Measures

Fedora, July 3, 2009
Update notice for phpMyAdmin 3.2.0.1 on Fedora 10: the first security release for phpMyAdmin 3.2.0, fixing an XSS issue caused by insufficient output sanitizing in bookmarks, along with a number of small new features and bug fixes.

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in 50 languages.

Update Information:

The first security release for phpMyAdmin 3.2.0:

- [security] XSS: Insufficient output sanitizing in bookmarks

This version contains a number of small new features and some bug fixes:

- [core] better support for vendor customisation (based on what Debian needs)
- [rfe] warn when session.gc_maxlifetime is less than cookie validity
- [rfe] configurable default charset for import
- [rfe] link to InnoDB status when error 150 occurs
- [rfe] strip ` from column names on import
- [rfe] LeftFrameDBSeparator can be an array
- [privileges] Extra back reference when editing table-specific privileges
- [display] Sortable database columns
- [lang] Wrong string in setup script hints
- [cleanup] XHTML cleanup
- [display] Possibility of disabling the sliders
- [privileges] Create user for existing database
- [privileges] Cleanup
- [auth] AllowNoPasswordRoot error message is too vague
- [XHTML] View table headers/footers completely
- [core] support column name having square bra...

Change Log

* Tue Jun 30 2009 Robert Scheck 3.2.0.1-1
- Upstream released 3.2.0.1 (#508879)
* Tue Jun 30 2009 Robert Scheck 3.2.0-1
- Upstream released 3.2.0
* Fri May 15 2009 Robert Scheck 3.1.5-1
- Upstream released 3.1.5
* Sat Apr 25 2009 Robert Scheck 3.1.4-1
- Upstream released 3.1.4
* Tue Apr 14 2009 Robert Scheck 3.1.3.2-1
- Upstream released 3.1.3.2 (#495768)
* Wed Mar 25 2009 Robert Scheck 3.1.3.1-1
- Upstream released 3.1.3.1 (#492066)
* Sun Mar 1 2009 Robert Scheck 3.1.3-1
- Upstream released 3.1.3
* Mon Feb 23 2009 Robert Scheck 3.1.2-2
- Rebuilt against rpm 4.6
* Tue Jan 20 2009 Robert Scheck 3.1.2-1
- Upstream released 3.1.2
* Thu Dec 11 2008 Robert Scheck 3.1.1-1
- Upstream released 3.1.1 (#475954)
* Sat Nov 29 2008 Robert Scheck 3.1.0-1
- Upstream released 3.1.0
- Replaced LocationMatch with Directory directive (#469451)

References


[ 1 ] Bug #508879 - phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5) https://bugzilla.redhat.com/show_bug.cgi?id=508879

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: phpMyAdmin
Product: Fedora 10
Version: 3.2.0.1
Release: 1.fc10
Summary: Web based MySQL browser written in php
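
To confirm after updating that a host carries the fixed build (Version 3.2.0.1, Release 1.fc10), the following added example, which is not part of the Fedora advisory, compares a package's version-release string against that build. The function names and the `--check` switch are assumptions of this example, and the comparison is a simplified field-by-field numeric one, not rpm's full version-comparison algorithm.

```sh
#!/bin/sh
# Added example: is an installed phpMyAdmin at or above the fixed build
# named in this advisory (3.2.0.1-1.fc10)?
FIXED_VERSION="3.2.0.1"
FIXED_RELEASE="1"

# ver_cmp A B: print -1, 0 or 1 comparing dotted numeric versions field by
# field. A missing field counts as 0 (simplification; assumes numeric fields).
ver_cmp() {
  a=$1 b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    x=${x:-0}; y=${y:-0}
    if [ "$x" -gt "$y" ]; then echo 1; return; fi
    if [ "$x" -lt "$y" ]; then echo -1; return; fi
  done
  echo 0
}

# is_fixed VERSION-RELEASE (e.g. "3.2.0.1-1.fc10"): succeeds when the build
# is the fixed one or newer.
is_fixed() {
  ver=${1%%-*}
  rel=${1#*-}; rel=${rel%%.*}        # drop the dist tag: "1.fc10" -> "1"
  case $(ver_cmp "$ver" "$FIXED_VERSION") in
    1) return 0 ;;
    0) [ "$rel" -ge "$FIXED_RELEASE" ] ;;
    *) return 1 ;;
  esac
}

# check_installed: query the local rpm database and report the result.
check_installed() {
  if ! nvr=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' phpMyAdmin 2>/dev/null); then
    echo "phpMyAdmin is not installed"; return 0
  fi
  if is_fixed "$nvr"; then
    echo "OK: phpMyAdmin $nvr includes the bookmark XSS fix"
  else
    echo "VULNERABLE: phpMyAdmin $nvr is older than $FIXED_VERSION-$FIXED_RELEASE"
    return 1
  fi
}

if [ "${1:-}" = "--check" ]; then check_installed; fi
```

Run it with `--check` on the Fedora host; a non-zero exit status means the installed build predates the fix.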
