{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 7, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "The **phpMyAdmin** team announces the release of both **4.9.5** and **5.0.2**.\n\nBoth versions contain several security fixes:\n\n*    PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password\n*    PMASA-2020-3 SQL injection vulnerability relating to the search feature\n*    PMASA-2020-4 SQL injection and XSS having to do with displaying results\n*    Removing of the \"options\" field for the external transformation.\n\nThere are many other bugs fixes, please see the ChangeLog file included with this release for full details.\n\n\n\n", "type": "security", "status": "stable", "request": null, "severity": "high", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2020-03-23 07:10:24", "date_modified": "2020-03-24 11:06:22", "date_approved": null, "date_testing": "2020-03-24 19:54:48", "date_stable": "2020-04-01 16:31:17", "alias": "FEDORA-2020-e60ce63865", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2020-04-01 16:31:17", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2020-e60ce63865", "title": "phpMyAdmin-5.0.2-2.fc32", "version_hash": "cabed65ed5203b38cdc63a592e1bdad7d7fb57c6", "release": {"name": "F32", "long_name": "Fedora 32", "version": "32", "id_prefix": "FEDORA", "branch": "f32", "dist_tag": "f32", "stable_tag": "f32-updates", "testing_tag": "f32-updates-testing", "candidate_tag": "f32-updates-candidate", "pending_signing_tag": "f32-signing-pending", "pending_testing_tag": "f32-updates-testing-pending", "pending_stable_tag": "f32-updates-pending", "override_tag": "f32-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "remi", "email": "fedora@famillecollet.com", "id": 94, "avatar": "https://seccdn.libravatar.org/avatar/619d3923bdf71a705e6f65371e59246522f52ad96485c9731408ff28554716cf?s=24&d=retro", "openid": "remi.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "centosproject-email-aliases"}, {"name": "sig-sclo"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by remi. ", "timestamp": "2020-03-23 07:10:24", "update_id": 194577, "user_id": 91, "id": 1290897, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2020-03-23 07:10:25", "update_id": 194577, "user_id": 91, "id": 1290898, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2020-03-23 07:10:29", "update_id": 194577, "user_id": 91, "id": 1290901, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "remi edited this update.", "timestamp": "2020-03-23 11:39:37", "update_id": 194577, "user_id": 91, "id": 1291184, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "remi edited this update.", "timestamp": "2020-03-23 13:00:21", "update_id": 194577, "user_id": 91, "id": 1291293, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "remi edited this update.", "timestamp": "2020-03-23 13:03:38", "update_id": 194577, "user_id": 91, "id": 1291303, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-23 13:38:53", "update_id": 194577, "user_id": 2935, "id": 1291368, "bug_feedback": [{"karma": 0, "comment_id": 1291368, "bug_id": 1816097, "bug": {"bug_id": 1816097, "title": "CVE-2020-10804 phpMyAdmin: SQL injection was found in retrieval of the current username which could result privilege escalation", "security": true, "parent": true}}, {"karma": 0, "comment_id": 1291368, "bug_id": 1816100, "bug": {"bug_id": 1816100, "title": "CVE-2020-10804 phpMyAdmin: SQL vulnerability was found in retrieval of the current username which could result privilege escalation [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1291368, "bug_id": 1816131, "bug": {"bug_id": 1816131, "title": "CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and  displaying resuts could result in XSS", "security": true, "parent": true}}, {"karma": 0, "comment_id": 1291368, "bug_id": 1816133, "bug": {"bug_id": 1816133, "title": "CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and  displaying resuts could result in XSS [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1291368, "bug_id": 1816144, "bug": {"bug_id": 1816144, "title": "CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M", "security": true, "parent": true}}, {"karma": 0, "comment_id": 1291368, "bug_id": 1816146, "bug": {"bug_id": 1816146, "title": "CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2020-03-24 01:52:52", "update_id": 194577, "user_id": 91, "id": 1292380, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "remi edited this update.\n\nNew build(s):\n\n- phpMyAdmin-5.0.2-2.fc32\n\nRemoved build(s):\n\n- phpMyAdmin-5.0.2-1.fc32\n\nKarma has been reset.", "timestamp": "2020-03-24 11:06:20", "update_id": 194577, "user_id": 91, "id": 1292933, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by remi. ", "timestamp": "2020-03-24 11:06:22", "update_id": 194577, "user_id": 91, "id": 1292934, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-24 13:06:38", "update_id": 194577, "user_id": 2935, "id": 1293041, "bug_feedback": [{"karma": 0, "comment_id": 1293041, "bug_id": 1816097, "bug": {"bug_id": 1816097, "title": "CVE-2020-10804 phpMyAdmin: SQL injection was found in retrieval of the current username which could result privilege escalation", "security": true, "parent": true}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816100, "bug": {"bug_id": 1816100, "title": "CVE-2020-10804 phpMyAdmin: SQL vulnerability was found in retrieval of the current username which could result privilege escalation [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816131, "bug": {"bug_id": 1816131, "title": "CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and  displaying resuts could result in XSS", "security": true, "parent": true}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816133, "bug": {"bug_id": 1816133, "title": "CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and  displaying resuts could result in XSS [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816144, "bug": {"bug_id": 1816144, "title": "CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M", "security": true, "parent": true}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816146, "bug": {"bug_id": 1816146, "title": "CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2020-03-24 19:55:57", "update_id": 194577, "user_id": 91, "id": 1293509, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2020-03-31 19:57:36", "update_id": 194577, "user_id": 91, "id": 1304135, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2020-03-31 19:57:37", "update_id": 194577, "user_id": 91, "id": 1304136, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2020-04-01 16:34:03", "update_id": 194577, "user_id": 91, "id": 1305468, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "phpMyAdmin-5.0.2-2.fc32", "signed": true, "release_id": 35, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1816097, "title": "CVE-2020-10804 phpMyAdmin: SQL injection was found in retrieval of the current username which could result privilege escalation", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 1291368, "bug_id": 1816097, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-23 13:38:53", "update_id": 194577, "user_id": 2935, "id": 1291368, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816097, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-24 13:06:38", "update_id": 194577, "user_id": 2935, "id": 1293041, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}]}, {"bug_id": 1816100, "title": "CVE-2020-10804 phpMyAdmin: SQL vulnerability was found in retrieval of the current username which could result privilege escalation [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1291368, "bug_id": 1816100, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-23 13:38:53", "update_id": 194577, "user_id": 2935, "id": 1291368, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816100, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-24 13:06:38", "update_id": 194577, "user_id": 2935, "id": 1293041, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}]}, {"bug_id": 1816131, "title": "CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and  displaying resuts could result in XSS", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 1291368, "bug_id": 1816131, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-23 13:38:53", "update_id": 194577, "user_id": 2935, "id": 1291368, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816131, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-24 13:06:38", "update_id": 194577, "user_id": 2935, "id": 1293041, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}]}, {"bug_id": 1816133, "title": "CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and  displaying resuts could result in XSS [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1291368, "bug_id": 1816133, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-23 13:38:53", "update_id": 194577, "user_id": 2935, "id": 1291368, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816133, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-24 13:06:38", "update_id": 194577, "user_id": 2935, "id": 1293041, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}]}, {"bug_id": 1816144, "title": "CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 1291368, "bug_id": 1816144, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-23 13:38:53", "update_id": 194577, "user_id": 2935, "id": 1291368, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816144, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-24 13:06:38", "update_id": 194577, "user_id": 2935, "id": 1293041, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}]}, {"bug_id": 1816146, "title": "CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1291368, "bug_id": 1816146, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-23 13:38:53", "update_id": 194577, "user_id": 2935, "id": 1291368, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}, {"karma": 0, "comment_id": 1293041, "bug_id": 1816146, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-24 13:06:38", "update_id": 194577, "user_id": 2935, "id": 1293041, "testcase_feedback": [], "user": {"name": "imabug", "email": "eugenemah@gmail.com", "id": 2935, "avatar": "https://seccdn.libravatar.org/avatar/ea8ba927783ee0ef10e6f05f14791abf925972bac4f31aba458058d3e7907a6d?s=24&d=retro", "openid": "imabug.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedora-hams"}]}}}]}], "updateid": "FEDORA-2020-e60ce63865", "karma": 1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}