--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2018-088802878a
2018-12-21 19:38:54.256600
--------------------------------------------------------------------------------Name        : phpMyAdmin
Product     : Fedora 29
Version     : 4.8.4
Release     : 1.fc29
URL         : https://www.phpmyadmin.net/
Summary     : Handle the administration of MySQL over the World Wide Web
Description :
phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the World Wide Web. Most frequently used operations are supported
by the user interface (managing databases, tables, fields, relations, indexes,
users, permissions), while you still have the ability to directly execute any
SQL statement.

Features include an intuitive web interface, support for most MySQL features
(browse and drop databases, tables, views, fields and indexes, create, copy,
drop, rename and alter databases, tables, fields and indexes, maintenance
server, databases and tables, with proposals on server configuration, execute,
edit and bookmark any SQL-statement, even batch-queries, manage MySQL users
and privileges, manage stored procedures and triggers), import data from CSV
and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text
and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,
creating PDF graphics of your database layout, creating complex queries using
Query-by-example (QBE), searching globally in a database or a subset of it,
transforming stored data into any format using a set of predefined functions,
like displaying BLOB-data as image or download-link and much more...

--------------------------------------------------------------------------------Update Information:

Upstream announcement:  The phpMyAdmin team is pleased to announce the release
of **phpMyAdmin version 4.8.4**. Among other bug fixes, this contains several
important security fixes.  The security fixes involve:  *    Local file
inclusion (https://www.phpmyadmin.net/security/PMASA-2018-6/), *    XSRF/CSRF
vulnerabilities allowing a specially-crafted URL to perform harmful operations
(https://www.phpmyadmin.net/security/PMASA-2018-7/), and *    an XSS
vulnerability in the navigation tree
(https://www.phpmyadmin.net/security/PMASA-2018-8/)  In addition to the security
fixes, this release also includes these bug fixes and more as part of our
regular release cycle:  *    Issue with changing theme *    Ensure that database
names with a dot ('.') are handled properly when DisableIS is true *    Fix for
message "Error while copying database (pma__column_info)" *    Move operation
causes "SELECT * FROM `undefined`" error *    When logging with $cfg['AuthLog']
to syslog, successful login messages were not logged when $cfg['AuthLogSuccess']
was true *    Multiple errors and regressions with Designer  And several more.
Complete notes are in the ChangeLog file included with this release.
--------------------------------------------------------------------------------ChangeLog:

* Tue Dec 11 2018 Remi Collet  - 4.8.4-1
- update to 4.8.4 (2018-12-11, security fix)
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-088802878a' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Fedora 29: phpMyAdmin Security Update 2018-088802878a

December 21, 2018
Upstream announcement: The phpMyAdmin team is pleased to announce the release of **phpMyAdmin version 4.8.4**

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of

MySQL over the World Wide Web. Most frequently used operations are supported

by the user interface (managing databases, tables, fields, relations, indexes,

users, permissions), while you still have the ability to directly execute any

SQL statement.

Features include an intuitive web interface, support for most MySQL features

(browse and drop databases, tables, views, fields and indexes, create, copy,

drop, rename and alter databases, tables, fields and indexes, maintenance

server, databases and tables, with proposals on server configuration, execute,

edit and bookmark any SQL-statement, even batch-queries, manage MySQL users

and privileges, manage stored procedures and triggers), import data from CSV

and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text

and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,

creating PDF graphics of your database layout, creating complex queries using

Query-by-example (QBE), searching globally in a database or a subset of it,

transforming stored data into any format using a set of predefined functions,

like displaying BLOB-data as image or download-link and much more...

Upstream announcement: The phpMyAdmin team is pleased to announce the release

of **phpMyAdmin version 4.8.4**. Among other bug fixes, this contains several

important security fixes. The security fixes involve: * Local file

inclusion (https://www.phpmyadmin.net/security/PMASA-2018-6/), * XSRF/CSRF

vulnerabilities allowing a specially-crafted URL to perform harmful operations

(https://www.phpmyadmin.net/security/PMASA-2018-7/), and * an XSS

vulnerability in the navigation tree

(https://www.phpmyadmin.net/security/PMASA-2018-8/) In addition to the security

fixes, this release also includes these bug fixes and more as part of our

regular release cycle: * Issue with changing theme * Ensure that database

names with a dot ('.') are handled properly when DisableIS is true * Fix for

message "Error while copying database (pma__column_info)" * Move operation

causes "SELECT * FROM `undefined`" error * When logging with $cfg['AuthLog']

to syslog, successful login messages were not logged when $cfg['AuthLogSuccess']

was true * Multiple errors and regressions with Designer And several more.

Complete notes are in the ChangeLog file included with this release.

* Tue Dec 11 2018 Remi Collet - 4.8.4-1

- update to 4.8.4 (2018-12-11, security fix)

su -c 'dnf upgrade --advisory FEDORA-2018-088802878a' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

FEDORA-2018-088802878a 2018-12-21 19:38:54.256600 Product : Fedora 29 Version : 4.8.4 Release : 1.fc29 URL : https://www.phpmyadmin.net/ Summary : Handle the administration of MySQL over the World Wide Web Description : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execute, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers, creating PDF graphics of your database layout, creating complex queries using Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined functions, like displaying BLOB-data as image or download-link and much more... Upstream announcement: The phpMyAdmin team is pleased to announce the release of **phpMyAdmin version 4.8.4**. Among other bug fixes, this contains several important security fixes. The security fixes involve: * Local file inclusion (https://www.phpmyadmin.net/security/PMASA-2018-6/), * XSRF/CSRF vulnerabilities allowing a specially-crafted URL to perform harmful operations (https://www.phpmyadmin.net/security/PMASA-2018-7/), and * an XSS vulnerability in the navigation tree (https://www.phpmyadmin.net/security/PMASA-2018-8/) In addition to the security fixes, this release also includes these bug fixes and more as part of our regular release cycle: * Issue with changing theme * Ensure that database names with a dot ('.') are handled properly when DisableIS is true * Fix for message "Error while copying database (pma__column_info)" * Move operation causes "SELECT * FROM `undefined`" error * When logging with $cfg['AuthLog'] to syslog, successful login messages were not logged when $cfg['AuthLogSuccess'] was true * Multiple errors and regressions with Designer And several more. Complete notes are in the ChangeLog file included with this release. * Tue Dec 11 2018 Remi Collet - 4.8.4-1 - update to 4.8.4 (2018-12-11, security fix) su -c 'dnf upgrade --advisory FEDORA-2018-088802878a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 29
Version : 4.8.4
Release : 1.fc29
URL : https://www.phpmyadmin.net/
Summary : Handle the administration of MySQL over the World Wide Web

Related News

22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved