openSUSE: 2019:1861-1: moderate: phpMyAdmin

    Date14 Aug 2019
    Posted ByLinuxSecurity Advisories
    Opensuse Large
    An update that fixes two vulnerabilities is now available.
       openSUSE Security Update: Security update for phpMyAdmin
    Announcement ID:    openSUSE-SU-2019:1861-1
    Rating:             moderate
    References:         #1137496 #1137497 
    Cross-References:   CVE-2019-11768 CVE-2019-12616
    Affected Products:
                        openSUSE Backports SLE-15-SP1
       An update that fixes two vulnerabilities is now available.
       This update for phpMyAdmin fixes the following issues:
       phpMyAdmin was updated to
       * Several issues with SYSTEM VERSIONING tables
       * Fixed json encode error in export
       * Fixed JavaScript events not activating on input (sql bookmark issue)
       * Show Designer combo boxes when adding a constraint
       * Fix edit view
       * Fixed invalid default value for bit field
       * Fix several errors relating to GIS data types
       * Fixed javascript error PMA_messages is not defined
       * Fixed import XML data with leading zeros
       * Fixed php notice, added support for 'DELETE HISTORY' table privilege
         (MariaDB >= 10.3.4)
       * Fixed MySQL 8.0.0 issues with GIS display
       * Fixed "Server charset" in "Database server" tab showing wrong information
       * Fixed can not copy user on Percona Server 5.7
       * Updated sql-parser to version 4.3.2, which fixes several parsing and
         linting problems
       - boo#1137497 / PMASA-2019-4 / CVE-2019-12616 / CWE-661: Fixed CSRF
         vulnerability in login form
       - boo#1137496 / PMASA-2019-3 / CVE-2019-11768 / CWE-661: Fixed SQL
         injection in Designer feature
       This update was imported from the openSUSE:Leap:15.0:Update update project.
    Patch Instructions:
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
       Alternatively you can run the command listed for your product:
       - openSUSE Backports SLE-15-SP1:
          zypper in -t patch openSUSE-2019-1861=1
    Package List:
       - openSUSE Backports SLE-15-SP1 (noarch):

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"39","type":"x","order":"1","pct":51.32,"resources":[]},{"id":"88","title":"Should be more technical","votes":"11","type":"x","order":"2","pct":14.47,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"26","type":"x","order":"3","pct":34.21,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.