{"update": {"autokarma": true, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Upstream announcement:\n# Security fix: phpMyAdmin 4.8.5 is released\n\nThe phpMyAdmin team announces the release of **phpMyAdmin version 4.8.5**. Among other bug fixes, this contains **several important security fixes**. Upgrading is highly recommended for all users.\n\nThe security fixes involve:\n\n*    Arbitrary file read vulnerability (https://www.phpmyadmin.net/security/PMASA-2019-1)\n*    SQL injection in the Designer interface (https://www.phpmyadmin.net/security/PMASA-2019-2)\n\nThe arbitrary file read vulnerability could also be exploited to delete arbitrary files on the server. This attack requires that phpMyAdmin be run with the `$cfg['AllowArbitraryServer']`  directive set to true, which is not the default. An attacker must run a malicious server process that will masquerade as a MySQL server. This exploit has been found and fixed recently in several other related projects and appears to be caused by a bug in PHP (https://bugs.php.net/bug.php?id=77496).\n\nIn addition to the security fixes, this release also includes these bug fixes and more as part of our regular release cycle:\n\n*    Export to SQL format not available\n*    QR code not shown when adding two-factor authentication to a user account\n*    Issue with adding a new user in MySQL 8.0.11 and newer\n*    Frozen interface relating to Text_Plain_Sql plugin\n*    Table level Operations tab was missing\n\nAnd several more. Complete notes are in the ChangeLog file included with this release.\n\n\n\n", "type": "security", "status": "stable", "request": null, "severity": "high", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2019-01-29 15:59:39", "date_modified": "2019-01-31 09:39:51", "date_approved": null, "date_testing": "2019-01-30 03:01:08", "date_stable": "2019-02-09 01:51:00", "alias": "FEDORA-2019-6cfd17b03d", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2019-02-09 01:51:00", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cfd17b03d", "title": "phpMyAdmin-4.8.5-1.fc28", "version_hash": "79c26c1c1ddbb31d1f45da2488e4b0e2894a3200", "release": {"name": "F28", "long_name": "Fedora 28", "version": "28", "id_prefix": "FEDORA", "branch": "f28", "dist_tag": "f28", "stable_tag": "f28-updates", "testing_tag": "f28-updates-testing", "candidate_tag": "f28-updates-candidate", "pending_signing_tag": "f28-signing-pending", "pending_testing_tag": "f28-updates-testing-pending", "pending_stable_tag": "f28-updates-pending", "override_tag": "f28-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "remi", "email": "fedora@famillecollet.com", "id": 94, "avatar": "https://seccdn.libravatar.org/avatar/619d3923bdf71a705e6f65371e59246522f52ad96485c9731408ff28554716cf?s=24&d=retro", "openid": "remi.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "centosproject-email-aliases"}, {"name": "sig-sclo"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by remi. ", "timestamp": "2019-01-29 15:59:39", "update_id": 130680, "user_id": 91, "id": 889337, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2019-01-30 03:01:57", "update_id": 130680, "user_id": 91, "id": 889557, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "remi edited this update.", "timestamp": "2019-01-31 09:39:18", "update_id": 130680, "user_id": 91, "id": 890101, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "remi edited this update.", "timestamp": "2019-01-31 09:39:46", "update_id": 130680, "user_id": 91, "id": 890102, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes", "timestamp": "2019-02-06 06:00:38", "update_id": 130680, "user_id": 91, "id": 891826, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for batched by remi. ", "timestamp": "2019-02-06 06:30:35", "update_id": 130680, "user_id": 91, "id": 891848, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by remi. ", "timestamp": "2019-02-06 06:31:39", "update_id": 130680, "user_id": 91, "id": 891850, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2019-02-09 01:52:10", "update_id": 130680, "user_id": 91, "id": 892693, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "phpMyAdmin-4.8.5-1.fc28", "signed": true, "release_id": 21, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1671264, "title": "CVE-2019-6798 CVE-2019-6799 phpMyAdmin: Multiple issues fixed in 4.8.5 version", "security": true, "parent": true, "feedback": []}], "updateid": "FEDORA-2019-6cfd17b03d", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}