stable

phpMyAdmin-4.0.10.14-1.el6

FEDORA-EPEL-2016-6eee18cd6e created by robert 8 years ago for Fedora EPEL 6

phpMyAdmin 4.0.10.14 (2016-01-29)

  • Error with PMA 4.0.10.13 with PHP 5.2

phpMyAdmin 4.0.10.13 (2016-01-28)

  • [Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-1
  • [Security] Unsafe generation of CSRF token, see PMASA-2016-2
  • [Security] Multiple XSS vulnerabilities, see PMASA-2016-3
  • [Security] Insecure password generation in JavaScript, see PMASA-2016-4
  • [Security] Unsafe comparison of CSRF token, see PMASA-2016-5

This update has been submitted for testing by robert.

8 years ago
User Icon nijel provided feedback 8 years ago
karma
User Icon robert commented & provided feedback 8 years ago

nijel, RHEL/CentOS 6 ships PHP >= 5.3. May you please explain why you reference a PHP 5.2 related issue here without any further comment?

User Icon nijel commented & provided feedback 8 years ago

There will be soon followup release fixing that, so it might be good idea to postpone testing and wait for it...

robert edited this update.

8 years ago

robert edited this update.

New build(s):

  • phpMyAdmin-4.0.10.14-1.el6

Removed build(s):

  • phpMyAdmin-4.0.10.13-1.el6
8 years ago

This update has been submitted for testing by robert.

8 years ago

robert edited this update.

8 years ago

This update has been pushed to testing.

8 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

8 years ago

This update has been submitted for stable by robert.

8 years ago

This update has been pushed to stable.

8 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
1
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
in stable
8 years ago
modified
8 years ago
BZ#1302676 CVE-2016-2038 phpMyAdmin: Multiple full path disclosure vulnerabilities (PMASA-2016-1)
0
0
BZ#1302677 CVE-2016-2039 phpMyAdmin: Unsafe generation of XSRF/CSRF token (PMASA-2016-2)
0
0
BZ#1302679 CVE-2016-2040 phpMyAdmin: Multiple XSS vulnerabilities (PMASA-2016-3)
0
0
BZ#1302680 CVE-2016-1927 phpMyAdmin: Insecure password generation in JavaScript (PMASA-2016-4)
0
0
BZ#1302681 CVE-2016-2041 phpMyAdmin: Unsafe comparison of XSRF/CSRF token (PMASA-2016-5)
0
0
BZ#1302791 CVE-2016-2038 CVE-2016-2039 CVE-2016-2040 CVE-2016-1927 CVE-2016-2041 CVE-2016-2043 CVE-2016-2044 CVE-2016-2045 phpmyadmin: various flaws [epel-all]
0
0

Automated Test Results