
Fedora 11 phpMyAdmin 3.2.0.1 Critical XSS Risk Advisory

fedora
July 3, 2009
Fedora 11 release fixes critical XSS flaw in phpMyAdmin while rolling out additional improvements and functionalities.

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in 50 languages.

Update Information:

The first security release for phpMyAdmin 3.2.0:
- [security] XSS: Insufficient output sanitizing in bookmarks

This version contains a number of small new features and some bug fixes:
- [core] better support for vendor customisation (based on what Debian needs)
- [rfe] warn when session.gc_maxlifetime is less than cookie validity
- [rfe] configurable default charset for import
- [rfe] link to InnoDB status when error 150 occurs
- [rfe] strip ` from column names on import
- [rfe] LeftFrameDBSeparator can be an array
- [privileges] Extra back reference when editing table-specific privileges
- [display] Sortable database columns
- [lang] Wrong string in setup script hints
- [cleanup] XHTML cleanup,
- [display] Possibility of disabling the sliders
- [privileges] Create user for existing database
- [privileges] Cleanup
- [auth] AllowNoPasswordRoot error message is too vague
- [XHTML] View table headers/footers completely
- [core] support column name having square bra...

Change Log

* Tue Jun 30 2009 Robert Scheck 3.2.0.1-1
- Upstream released 3.2.0.1 (#508879)
* Tue Jun 30 2009 Robert Scheck 3.2.0-1
- Upstream released 3.2.0

References


[ 1 ] Bug #508879 - phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5) https://bugzilla.redhat.com/show_bug.cgi?id=508879

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical

Name: phpMyAdmin
Product: Fedora 11
Version: 3.2.0.1
Release: 1.fc11
Summary: Web based MySQL browser written in php
