Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 531
Alerts This Week
Warning Icon 1 531

Fedora 23: phpMyAdmin Security Advisory - Critical Update Required

fedora
Calendar Grey November 10, 2015
Scroller Fedora Esm H88
Crucial security patch released for phpMyAdmin on Fedora 23 featuring numerous essential corrections and enhancements. Update strongly advised.
phpMyAdmin 4.5.1.0 (2015-10-23) argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable editi...

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of

MySQL over the World Wide Web. Most frequently used operations are supported

by the user interface (managing databases, tables, fields, relations, indexes,

users, permissions), while you still have the ability to directly execute any

SQL statement.

Features include an intuitive web interface, support for most MySQL features

(browse and drop databases, tables, views, fields and indexes, create, copy,

drop, rename and alter databases, tables, fields and indexes, maintenance

server, databases and tables, with proposals on server configuration, execute,

edit and bookmark any SQL-statement, even batch-queries, manage MySQL usersand privileges, manage stored procedures and triggers), import data from CSV

and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text

and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,

creating PDF graphics of your database layout, creating complex queries using

Query-by-example (QBE), searching globally in a database or a subset of it,

transforming stored data into any format using a set of predefined functions,

like displaying BLOB-data as image or download-link and much more...

Update Information:

phpMyAdmin 4.5.1.0 (2015-10-23) =============================== - Invalid argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value - Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system - 'PMA_Microhistory' is undefined - Incorrect definition for getTablesWhenOpen() - Error when creating new user on MariaDB 10.0.21 - Notice on htmlspecialchars() - Notice in Structure page of views - AUTO_INCREMENT always exported when IF NOT EXISTS is on - Some partitions are missing in copied table - Notice of undefined variable when performing SHOW CREATE - Error exporting sql query results with table alias - SQL editing window does not recognise 'OUTER' keyword in 'LEFT OUTER JOIN' - "NOT IN" clause not recognized (MySQL 5.6 and 5.7) - Yellow star does not change in database Structure after add/remove from...

Change Log

References


[ 1 ] Bug #1275108 - CVE-2015-7873 phpMyAdmin: Content spoofing on url.php (PMASA-2015-5) https://bugzilla.redhat.com/show_bug.cgi?id=1275108

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: phpMyAdmin
Product: Fedora 23
Version: 4.5.1
Release: 1.fc23
Summary: Handle the administration of MySQL over the World Wide Web

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.