Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 10: FEDORA-2009-10510 Critical: phpMyAdmin SQL Injection

fedora
Calendar Grey October 15, 2009
Dist Fedora Esm H88
Upgrade phpMyAdmin on Fedora 10 for critical XSS and SQL Injection fixes. Follow the steps to ensure your database management interface is secure and up to date
Changes for 3.2.2.1: - [security] XSS and SQL injection, thanks to Herman van Rink

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of

MySQL over the Web. Currently it can create and drop databases,

create/drop/alter tables, delete/edit/add fields, execute any SQL statement,

manage keys on fields, manage privileges,export data into various formats and

is available in 50 languages

Update Information:

Changes for 3.2.2.1: - [security] XSS and SQL injection, thanks to Herman van Rink

Topics%20covered

Topics Covered

security advisory fedora critical software update XSS SQL injection phpmyadmin

Change Log

* Tue Oct 13 2009 Robert Scheck 3.2.2.1-1 - Upstream released 3.2.2.1 (#528769) - Require php-mcrypt for cookie authentication (#526979) * Sun Sep 13 2009 Robert Scheck 3.2.2-1 - Upstream released 3.2.2 * Sun Sep 6 2009 Robert Scheck 3.2.1-2 - Added ::1 for localhost/loopback access (for IPv6 users) * Mon Aug 10 2009 Robert Scheck 3.2.1-1 - Upstream released 3.2.1 * Sun Jul 26 2009 Fedora Release Engineering - 3.2.0.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Tue Jun 30 2009 Robert Scheck 3.2.0.1-1 - Upstream released 3.2.0.1 (#508879) * Tue Jun 30 2009 Robert Scheck 3.2.0-1 - Upstream released 3.2.0 * Fri May 15 2009 Robert Scheck 3.1.5-1 - Upstream released 3.1.5 * Sat Apr 25 2009 Robert Scheck 3.1.4-1 - Upstream released 3.1.4 * Tue Apr 14 2009 Robert Scheck 3.1.3.2-1 - Upstream released 3.1.3.2 (#495768) * Wed Mar 25 2009 Robert Scheck 3.1.3.1-1 - Upstream released 3.1.3.1 (#492066) * Sun Mar 1 2009 Robert Scheck 3.1.3-1 - Upstream released 3.1.3 * Mon Feb 23 2009 Robert Scheck 3.1.2-2 - Rebuilt against rpm 4.6 * Tue Jan 20 2009 Robert Scheck 3.1.2-1 - Upstream released 3.1.2 * Thu Dec 11 2008 Robert Scheck 3.1.1-1 - Upstream released 3.1.1 (#475954) * Sat Nov 29 2008 Robert Scheck 3.1.0-1 - Upstream released 3.1.0 - Replaced LocationMatch with Directory directive (#469451)

References


[ 1 ] Bug #528769 - phpMyAdmin: XSS and SQL injection (PMASA-2009-6) https://bugzilla.redhat.com/show_bug.cgi?id=528769

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: phpMyAdmin
Product: Fedora 10
Version: 3.2.2.1
Release: 1.fc10
URL: https://www.phpmyadmin.net/
Summary: Web based MySQL browser written in php

Topics%20covered

Topics Covered

security advisory fedora critical software update XSS SQL injection phpmyadmin

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here