Upstream announcement:
Security fix: phpMyAdmin 4.8.3 is released
The phpMyAdmin team is pleased to announce the release of phpMyAdmin version 4.8.2. Among other bug fixes, this contains a security fix for an issue that can be exploited when importing files.
A flaw was discovered with how warning messages are displayed while importing a file. This attack requires a specially-crafted file but can allow an attacker to trick the user in to executing a cross-site scripting (XSS) attack. We recommend updating immediately to mitigate this attack.
In addition to the security fixes, this release also includes these bug fixes and more as part of our regular release cycle:
And several more. Complete notes are in the ChangeLog file included with this release.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2018-f2b24ce26e
Please login to add feedback.
This update has been submitted for testing by remi.
remi edited this update.
This update has been pushed to testing.
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for batched by remi.
This update has been submitted for stable by remi.
This update has been pushed to stable.