
Fedora: FEDORA-2009-10530 Critical: phpMyAdmin XSS and SQL Injection Threat

October 15, 2009
The latest phpMyAdmin release addresses critical XSS and SQL injection flaws found in Fedora 11 operating environments.

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and is available in 50 languages.

Update Information:

Changes for 3.2.2.1: - [security] XSS and SQL injection, thanks to Herman van Rink

Change Log

* Tue Oct 13 2009 Robert Scheck 3.2.2.1-1
- Upstream released 3.2.2.1 (#528769)
- Require php-mcrypt for cookie authentication (#526979)

* Sun Sep 13 2009 Robert Scheck 3.2.2-1
- Upstream released 3.2.2

* Sun Sep 6 2009 Robert Scheck 3.2.1-2
- Added ::1 for localhost/loopback access (for IPv6 users)

* Mon Aug 10 2009 Robert Scheck 3.2.1-1
- Upstream released 3.2.1

* Sun Jul 26 2009 Fedora Release Engineering - 3.2.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Tue Jun 30 2009 Robert Scheck 3.2.0.1-1
- Upstream released 3.2.0.1 (#508879)

* Tue Jun 30 2009 Robert Scheck 3.2.0-1
- Upstream released 3.2.0

References


[ 1 ] Bug #528769 - phpMyAdmin: XSS and SQL injection (PMASA-2009-6) https://bugzilla.redhat.com/show_bug.cgi?id=528769

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity: critical

Name: phpMyAdmin
Product: Fedora 11
Version: 3.2.2.1
Release: 1.fc11
Summary: Web based MySQL browser written in php
