Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":547,"type":"x","order":1,"pct":78.48,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.88,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.34,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdateFedora

Fedora 29: FEDORA-2019-33649e2e64 Critical: PHPMyAdmin SQL Update

Upstream announcement: Welcome to **phpMyAdmin 4.9.0.1**, a bugfix release that includes important security fixes. This release fixes two security vulnerabilities: * PMASA-2019-3 is an SQL injection flaw in the Designer feature * PMASA-2019-4 is a CSRF attack that's possible through the 'cookie' login form Upgrading is highly recommended for all users. Using the 'http'. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-33649e2e64 2019-06-14 02:16:24.042589 --------------------------------------------------------------------------------Name : php-phpmyadmin-sql-parser Product : Fedora 29 Version : 4.3.2 Release : 1.fc29 URL : https://github.com/phpmyadmin/sql-parser Summary : A validating SQL lexer and parser with a focus on MySQL dialect Description : A validating SQL lexer and parser with a focus on MySQL dialect. This library was originally developed for phpMyAdmin during the Google Summer of Code 2015. Autoloader: /usr/share/php/PhpMyAdmin/SqlParser/autoload.php --------------------------------------------------------------------------------Update Information: Upstream announcement: Welcome to **phpMyAdmin 4.9.0.1**, a bugfix release that includes important security fixes. This release fixes two security vulnerabilities: * PMASA-2019-3 is an SQL injection flaw in the Designer feature * PMASA-2019-4 is a CSRF attack that's possible through the 'cookie' login form Upgrading is highly recommended for all users. Using the 'http' auth_type instead of 'cookie' can mitigate the CSRF attack. The solution for the CSRF attack does remove the former functionality to log in directly through URL parameters (as mentioned in FAQ 4.8, such as ;password=foo). Such behavior was discouraged and is now removed. Other query parameters work as expected; only pma_username and pma_password have been removed. This release also includes fixes for many bugs, including: - Several issues withSYSTEM VERSIONING tables - Fixed json encode error in export - Fixed JavaScript events not activating on input (sql bookmark issue) - Show Designer combo boxes when adding a constraint - Fix edit view - Fixed invalid default value for bit field - Fix several errors relating to GIS data types - Fixed javascript error PMA_messages is not defined - Fixed import XML data with leading zeros - Fixed php notice, added support for 'DELETE HISTORY' table privilege (MariaDB > 10.3.4) - Fixed MySQL 8.0.0 issues with GIS display - Fixed "Server charset" in "Database server" tab showing wrong information - Fixed can not copy user on Percona Server 5.7 - Updated sql-parser to version 4.3.2, which fixes several parsing and linting problems There are many, many more bug fixes thanks to the efforts of our developers, Google Summer of Code applicants, and other contributors. The phpMyAdmin team ---- **phpmyadmin/sql-parser version 4.3.2** * Fix redundant whitespaces in build() outputs (#228) * Fix incorrect error on DEFAULT keyword in ALTER operation (#229) * Fix incorrect outputs from Query::getClause (#233) * Add support for reading an SQL file from stdin * Fix for missing tokenize-query in Composer's vendor/bin/ directory * Fix for PHP warnings with an incomplete CASE expression (#241) * Fix for error message with multiple CALL statements (#223) * Recognize the question mark character as a parameter (#242) --------------------------------------------------------------------------------ChangeLog: * Tue Jun 4 2019 Remi Collet - 4.3.2-1 - update to 4.3.2 - add php-phpmyadmin-sql-parser-tokenize-query command * Sun Jan 6 2019 Remi Collet - 4.3.1-1 - update to 4.3.1 * Thu Nov 1 2018 Remi Collet - 4.2.5-1 - update to 4.2.5 - switch to phpunit6 --------------------------------------------------------------------------------References: [ 1 ] Bug #1717401 - CVE-2019-11768 phpmyadmin: specially crafted database name in the designer feature can be used to trigger an SQL injection attack https://bugzilla.redhat.com/show_bug.cgi?id=1717401 [ 2 ] Bug #1717402 - CVE-2019-12616 phpmyadmin: broken tag provided by attacker and pointing at the victim's phpMyAdmin database can cause CSRF through the victim https://bugzilla.redhat.com/show_bug.cgi?id=1717402 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-33649e2e64' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . This important patch for phpMyAdmin targets severe vulnerabilities. Suggested update for improved defense against attacks.. phpMyAdmin Security, SQL Injection Fix, Fedora Security Update, CSRF Protection, Database Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 13, 2019 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoraXSS

Fedora 22: Critical XSS and Man-In-The-Middle Fixes for phpMyAdmin

phpMyAdmin 4.5.5.1 (2016-02-29) fixes multiple XSS vulnerabilities, please see PMASA-2016-10, PMASA-2016-11, and PMASA-2016-12 for details; additionally it fixes a vulnerability allowing man- in-the-middle attack on an API call to GitHub, see PMASA-2016-13 for details. It also inclues fixes for the following bugs: - issue #11971 CREATE UNIQUE. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-02ee5b4002 2016-03-13 19:42:32.347711 -------------------------------------------------------------------------------- Name : php-udan11-sql-parser Product : Fedora 22 Version : 3.4.0 Release : 1.fc22 URL : https://github.com/phpmyadmin/sql-parser Summary : A validating SQL lexer and parser with a focus on MySQL dialect Description : A validating SQL lexer and parser with a focus on MySQL dialect. This library was originally developed for phpMyAdmin during the Google Summer of Code 2015. To use this library, you just have to add, in your project: require_once '/usr/share/php/SqlParser/autoload.php'; -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.5.1 (2016-02-29) =============================== This release fixes multiple XSS vulnerabilities, please see PMASA-2016-10, PMASA-2016-11, and PMASA-2016-12 for details; additionally it fixes a vulnerability allowing man- in-the-middle attack on an API call to GitHub, see PMASA-2016-13 for details. It also inclues fixes for the following bugs: - issue #11971 CREATE UNIQUE INDEX index type is not recognized by parser. - issue #11982 Row count wrong when grouping joined tables. - issue #12012 Column definition with default value and comment in CREATE TABLE exported faulty. - issue #12020 New statement but no delimiter and unexpected token with REPLACE. - issue #12029 Fixed incorrect usage of SQL parser context in SQL export - issue #12048 Fixed inclusion of gettext library from SQLparser -------------------------------------------------------------------------------- References: [ 1 ] Bug #1313698 - CVE-2016-2559 CVE-2016-2562 phpmyadmin: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1313698 [ 2 ] Bug #1313225 - CVE-2016-2560 CVE-2016-2561 phpmyadmin: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1313225 [ 3 ] Bug #1310918 - phpMyAdmin-4.5.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310918 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-udan11-sql-parser' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Applied multiple XSS patches and enhanced security measures for php-udan11-sql-analyzer in Fedora 22.. phpMyAdmin Update,Fedora Security,SQL Parser Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 14, 2016 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdatecritical

Fedora 21: Critical Update for php-udan11-sql-parser Issues

phpMyAdmin 4.5.1.0 (2015-10-23) argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value - Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system -. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-5c06260c4b 2015-11-10 19:03:39.458781 -------------------------------------------------------------------------------- Name : php-udan11-sql-parser Product : Fedora 21 Version : 3.0.4 Release : 1.fc21 URL : https://github.com/phpmyadmin/sql-parser Summary : A validating SQL lexer and parser with a focus on MySQL dialect Description : A validating SQL lexer and parser with a focus on MySQL dialect. This library was originally developed for phpMyAdmin during the Google Summer of Code 2015. To use this library, you just have to add, in your project: require_once '/usr/share/php/SqlParser/autoload.php'; -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.1.0 (2015-10-23) =============================== - Invalid argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value - Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system - 'PMA_Microhistory' is undefined - Incorrect definition for getTablesWhenOpen() - Error when creating new user on MariaDB 10.0.21 - Notice on htmlspecialchars() - Notice in Structure page of views - AUTO_INCREMENT always exported when IF NOT EXISTS is on - Some partitions are missing in copied table - Notice of undefined variable when performing SHOW CREATE - Error exporting sql query results with table alias - SQL editing window does not recognise'OUTER' keyword in 'LEFT OUTER JOIN' - "NOT IN" clause not recognized (MySQL 5.6 and 5.7) - Yellow star does not change in database Structure after add/remove from favorites - Invalid SQL in table definition when exporting table - Foreign key to other database's tables fails - Bug while exporting results when a joined table field name is in SELECT query - Strange behavior on table rename - Rename table does not result in refresh in left panel - Missing arguments for PMA_Table::generateAlter() - Notices about undefined indexes on structure pages of information_schema tables - Change minimum PHP version for Composer - Import parser and backslash - "Visualize GIS data" seems to be broken - Confirm box on "Reset slave" option - Fix cookies clearing on version change - Cannot execute SQL with subquery - Incorrect syntax creating a user using mysql_native_password with MariaDB - Cannot use third party auth plugins -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275108 - CVE-2015-7873 phpMyAdmin: Content spoofing on url.php (PMASA-2015-5) https://bugzilla.redhat.com/show_bug.cgi?id=1275108 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-udan11-sql-parser' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Elevate your Fedora 21 environment by integrating the php-udan11-sql-parser patch that resolves significant vulnerabilities.. phpMyAdminSecurity, SQL Parser Update, Fedora 21 Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 10, 2015 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Debian 9: 2017-5f6782a3d7 Urgent Patch for python-sql-query-parser

phpMyAdmin 4.5.1.0 (2015-10-23) argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value - Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system -. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-17908c56c1 2015-10-30 19:56:00.143446 -------------------------------------------------------------------------------- Name : php-udan11-sql-parser Product : Fedora 22 Version : 3.0.4 Release : 1.fc22 URL : https://github.com/phpmyadmin/sql-parser Summary : A validating SQL lexer and parser with a focus on MySQL dialect Description : A validating SQL lexer and parser with a focus on MySQL dialect. This library was originally developed for phpMyAdmin during the Google Summer of Code 2015. To use this library, you just have to add, in your project: require_once '/usr/share/php/SqlParser/autoload.php'; -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.1.0 (2015-10-23) =============================== - Invalid argument supplied for foreach() - array_key_exists() expects parameter 2 to be array - Notice Undefined index: drop_database - Server variable edition in ANSI_QUOTES sql_mode: losing current value - Propose table structure broken - phpMyAdmin suggests upgrading to newer version not usable on that system - 'PMA_Microhistory' is undefined - Incorrect definition for getTablesWhenOpen() - Error when creating new user on MariaDB 10.0.21 - Notice on htmlspecialchars() - Notice in Structure page of views - AUTO_INCREMENT always exported when IF NOT EXISTS is on - Some partitions are missing in copied table - Notice of undefined variable when performing SHOW CREATE - Error exporting sql query results with table alias - SQL editing window does not recognise'OUTER' keyword in 'LEFT OUTER JOIN' - "NOT IN" clause not recognized (MySQL 5.6 and 5.7) - Yellow star does not change in database Structure after add/remove from favorites - Invalid SQL in table definition when exporting table - Foreign key to other database's tables fails - Bug while exporting results when a joined table field name is in SELECT query - Strange behavior on table rename - Rename table does not result in refresh in left panel - Missing arguments for PMA_Table::generateAlter() - Notices about undefined indexes on structure pages of information_schema tables - Change minimum PHP version for Composer - Import parser and backslash - "Visualize GIS data" seems to be broken - Confirm box on "Reset slave" option - Fix cookies clearing on version change - Cannot execute SQL with subquery - Incorrect syntax creating a user using mysql_native_password with MariaDB - Cannot use third party auth plugins -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275108 - CVE-2015-7873 phpMyAdmin: Content spoofing on url.php (PMASA-2015-5) https://bugzilla.redhat.com/show_bug.cgi?id=1275108 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-udan11-sql-parser' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Important security patch for Fedora: php-sql-analyzer resolves various server vulnerabilities.. Fedora Security Update, phpMyAdmin Fix,SQL Parser Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 30, 2015 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":547,"type":"x","order":1,"pct":78.48,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.88,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.34,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here