phpMyAdmin: security bugs
Xose Vazquez Perez
xose.vazquez at gmail.com
Tue Oct 8 19:02:49 UTC 2013
hi,
3.5.8.2 was released time ago with
several bugs fixed: http://bugzilla.redhat.com/959946
Current version in Fedora Rawhide: 3.5.8.1
Welcome to phpMyAdmin 3.5.8.2, a security release.
3.5.8.2 (2013-07-28)
- [security] Fix self-XSS in "Showing rows", see PMASA-2013-8
- [security] Fix self-XSS in Display chart, see PMASA-2013-9
- [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
- [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
- [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
+ [security] JSON content type header for version_check.php, see PMASA-2013-9
+ [security] Backport fix for jQuery issue #9521 from jQuery 1.6.3, see PMASA-2013-9
+ [security] Fix full path disclosure, see PMASA-2013-12
+ [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15
+ [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15
- [security] Fix self-XSS in schema export, see PMASA-2013-14
- [security] Fix unencoded json object, see PMASA-2013-11
-thanks-
More information about the devel
mailing list