openSUSE: 2019:1861-1: moderate: phpMyAdmin

    Date14 Aug 2019
    CategoryopenSUSE
    192
    Posted ByLinuxSecurity Advisories
    An update that fixes two vulnerabilities is now available.
       openSUSE Security Update: Security update for phpMyAdmin
    ______________________________________________________________________________
    
    Announcement ID:    openSUSE-SU-2019:1861-1
    Rating:             moderate
    References:         #1137496 #1137497 
    Cross-References:   CVE-2019-11768 CVE-2019-12616
    Affected Products:
                        openSUSE Backports SLE-15-SP1
    ______________________________________________________________________________
    
       An update that fixes two vulnerabilities is now available.
    
    Description:
    
       This update for phpMyAdmin fixes the following issues:
    
       phpMyAdmin was updated to 4.9.0.1:
    
       * Several issues with SYSTEM VERSIONING tables
       * Fixed json encode error in export
       * Fixed JavaScript events not activating on input (sql bookmark issue)
       * Show Designer combo boxes when adding a constraint
       * Fix edit view
       * Fixed invalid default value for bit field
       * Fix several errors relating to GIS data types
       * Fixed javascript error PMA_messages is not defined
       * Fixed import XML data with leading zeros
       * Fixed php notice, added support for 'DELETE HISTORY' table privilege
         (MariaDB >= 10.3.4)
       * Fixed MySQL 8.0.0 issues with GIS display
       * Fixed "Server charset" in "Database server" tab showing wrong information
       * Fixed can not copy user on Percona Server 5.7
       * Updated sql-parser to version 4.3.2, which fixes several parsing and
         linting problems
    
       - boo#1137497 / PMASA-2019-4 / CVE-2019-12616 / CWE-661: Fixed CSRF
         vulnerability in login form
         https://www.phpmyadmin.net/security/PMASA-2019-4/
    
       - boo#1137496 / PMASA-2019-3 / CVE-2019-11768 / CWE-661: Fixed SQL
         injection in Designer feature
         https://www.phpmyadmin.net/security/PMASA-2019-3/
    
    
       This update was imported from the openSUSE:Leap:15.0:Update update project.
    
    
    Patch Instructions:
    
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - openSUSE Backports SLE-15-SP1:
    
          zypper in -t patch openSUSE-2019-1861=1
    
    
    
    Package List:
    
       - openSUSE Backports SLE-15-SP1 (noarch):
    
          phpMyAdmin-4.9.0.1-bp151.3.3.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2019-11768.html
       https://www.suse.com/security/cve/CVE-2019-12616.html
       https://bugzilla.suse.com/1137496
       https://bugzilla.suse.com/1137497
    
    -- 
    

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"4","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"2","type":"x","order":"2","pct":28.57,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":14.29,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.