--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-7329
2009-07-03 18:38:23
--------------------------------------------------------------------------------

Name        : phpMyAdmin
Product     : Fedora 11
Version     : 3.2.0.1
Release     : 1.fc11
URL         : https://www.phpmyadmin.net/
Summary     : Web based MySQL browser written in php
Description :
phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the Web. Currently it can create and drop databases,
create/drop/alter tables, delete/edit/add fields, execute any SQL statement,
manage keys on fields, manage privileges,export data into various formats and
is available in 50 languages

--------------------------------------------------------------------------------
Update Information:

The first security release for phpMyAdmin 3.2.0:  - [security] XSS: Insufficient
output sanitizing in bookmarks    This version contains a number of small new
features and some bug fixes:  - [core] better support for vendor customisation
(based on what Debian needs)  - [rfe] warn when session.gc_maxlifetime is less
than cookie validity  - [rfe] configurable default charset for import  - [rfe]
link to InnoDB status when error 150 occurs  - [rfe] strip ` from column names
on import  - [rfe] LeftFrameDBSeparator can be an array  - [privileges] Extra
back reference when editing table-specific privileges  - [display] Sortable
database columns  - [lang] Wrong string in setup script hints  - [cleanup] XHTML
cleanup,  - [display] Possibility of disabling the sliders  - [privileges]
Create user for existing database  - [privileges] Cleanup  - [auth]
AllowNoPasswordRoot error message is too vague   - [XHTML] View table
headers/footers completely  - [core] support column name having square brackets
- [lang] Lithuanian update  - [auth] New setting AllowNoPassword (supercedes
AllowNoPasswordRoot) that applies to all accounts (even the anonymous user)  -
[relation] Missing code with hashing for relationship editing  - [rfe] Added
option to disable mcrypt warning.  - [bug] Request-URI Too Large error from
Location header  - [rfe] Check for relations support on main page.  - [rfe]
Explanation for using Host table.  - [rfe] Link to download more themes.  -
[rfe] Add option to generate password on change password page.  - [rfe] Allow
logging of user status with Apache.  - [patch] None default is different than
other None in some languages.  - [lang] Chinese Simplified update  - [display]
Sort arrows problem  - [security] warn about existence of config directory on
main page  - [lang] Polish update  - [export] Escape new line in CSV export  -
[patch] Optimizations for PHP loops  - [import] SQL_MODE not saved during
Partial Import   - [auth] cache control missing (PHP-CGI)  - [parser] Incorrect
parsing of constraints in ALTER TABLE  - [status] Server status - replication  -
[edit] Multi-row change with "]" improved  - [rfe] Automatically copy generated
password  - [interface] Table with name 'log_views' is incorrectly displayed as
a view  - [patch] Detect mcrypt initialization failure  - [lang] Galician update
- [lang] Swedish update  - [lang] Norwegian update  - [lang] Catalan update  -
[lang] Finnish update  - [lang] Hungarian update
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2009 Robert Scheck  3.2.0.1-1
- Upstream released 3.2.0.1 (#508879)
* Tue Jun 30 2009 Robert Scheck  3.2.0-1
- Upstream released 3.2.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #508879 - phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5)
        https://bugzilla.redhat.com/show_bug.cgi?id=508879
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update phpMyAdmin' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 11 Update: phpMyAdmin-3.2.0.1-1.fc11

July 3, 2009
The first security release for phpMyAdmin 3.2.0: - [security] XSS: Insufficient output sanitizing in bookmarks This version contains a number of small new features and some bu...

Summary

phpMyAdmin is a tool written in PHP intended to handle the administration of

MySQL over the Web. Currently it can create and drop databases,

create/drop/alter tables, delete/edit/add fields, execute any SQL statement,

manage keys on fields, manage privileges,export data into various formats and

is available in 50 languages

Update Information:

The first security release for phpMyAdmin 3.2.0: - [security] XSS: Insufficient output sanitizing in bookmarks This version contains a number of small new features and some bug fixes: - [core] better support for vendor customisation (based on what Debian needs) - [rfe] warn when session.gc_maxlifetime is less than cookie validity - [rfe] configurable default charset for import - [rfe] link to InnoDB status when error 150 occurs - [rfe] strip ` from column names on import - [rfe] LeftFrameDBSeparator can be an array - [privileges] Extra back reference when editing table-specific privileges - [display] Sortable database columns - [lang] Wrong string in setup script hints - [cleanup] XHTML cleanup, - [display] Possibility of disabling the sliders - [privileges] Create user for existing database - [privileges] Cleanup - [auth] AllowNoPasswordRoot error message is too vague - [XHTML] View table headers/footers completely - [core] support column name having square brackets - [lang] Lithuanian update - [auth] New setting AllowNoPassword (supercedes AllowNoPasswordRoot) that applies to all accounts (even the anonymous user) - [relation] Missing code with hashing for relationship editing - [rfe] Added option to disable mcrypt warning. - [bug] Request-URI Too Large error from Location header - [rfe] Check for relations support on main page. - [rfe] Explanation for using Host table. - [rfe] Link to download more themes. - [rfe] Add option to generate password on change password page. - [rfe] Allow logging of user status with Apache. - [patch] None default is different than other None in some languages. - [lang] Chinese Simplified update - [display] Sort arrows problem - [security] warn about existence of config directory on main page - [lang] Polish update - [export] Escape new line in CSV export - [patch] Optimizations for PHP loops - [import] SQL_MODE not saved during Partial Import - [auth] cache control missing (PHP-CGI) - [parser] Incorrect parsing of constraints in ALTER TABLE - [status] Server status - replication - [edit] Multi-row change with "]" improved - [rfe] Automatically copy generated password - [interface] Table with name 'log_views' is incorrectly displayed as a view - [patch] Detect mcrypt initialization failure - [lang] Galician update - [lang] Swedish update - [lang] Norwegian update - [lang] Catalan update - [lang] Finnish update - [lang] Hungarian update

Change Log

* Tue Jun 30 2009 Robert Scheck 3.2.0.1-1 - Upstream released 3.2.0.1 (#508879) * Tue Jun 30 2009 Robert Scheck 3.2.0-1 - Upstream released 3.2.0

References

[ 1 ] Bug #508879 - phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5) https://bugzilla.redhat.com/show_bug.cgi?id=508879

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update phpMyAdmin' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : phpMyAdmin
Product : Fedora 11
Version : 3.2.0.1
Release : 1.fc11
URL : https://www.phpmyadmin.net/
Summary : Web based MySQL browser written in php

Related News

13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved