[SECURITY] Fedora 11 Update: phpMyAdmin-3.2.0.1-1.fc11
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jul 3 19:39:19 UTC 2009
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-7329
2009-07-03 18:38:23
--------------------------------------------------------------------------------
Name : phpMyAdmin
Product : Fedora 11
Version : 3.2.0.1
Release : 1.fc11
URL : http://www.phpmyadmin.net/
Summary : Web based MySQL browser written in php
Description :
phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the Web. Currently it can create and drop databases,
create/drop/alter tables, delete/edit/add fields, execute any SQL statement,
manage keys on fields, manage privileges,export data into various formats and
is available in 50 languages
--------------------------------------------------------------------------------
Update Information:
The first security release for phpMyAdmin 3.2.0: - [security] XSS: Insufficient
output sanitizing in bookmarks This version contains a number of small new
features and some bug fixes: - [core] better support for vendor customisation
(based on what Debian needs) - [rfe] warn when session.gc_maxlifetime is less
than cookie validity - [rfe] configurable default charset for import - [rfe]
link to InnoDB status when error 150 occurs - [rfe] strip ` from column names
on import - [rfe] LeftFrameDBSeparator can be an array - [privileges] Extra
back reference when editing table-specific privileges - [display] Sortable
database columns - [lang] Wrong string in setup script hints - [cleanup] XHTML
cleanup, - [display] Possibility of disabling the sliders - [privileges]
Create user for existing database - [privileges] Cleanup - [auth]
AllowNoPasswordRoot error message is too vague - [XHTML] View table
headers/footers completely - [core] support column name having square brackets
- [lang] Lithuanian update - [auth] New setting AllowNoPassword (supercedes
AllowNoPasswordRoot) that applies to all accounts (even the anonymous user) -
[relation] Missing code with hashing for relationship editing - [rfe] Added
option to disable mcrypt warning. - [bug] Request-URI Too Large error from
Location header - [rfe] Check for relations support on main page. - [rfe]
Explanation for using Host table. - [rfe] Link to download more themes. -
[rfe] Add option to generate password on change password page. - [rfe] Allow
logging of user status with Apache. - [patch] None default is different than
other None in some languages. - [lang] Chinese Simplified update - [display]
Sort arrows problem - [security] warn about existence of config directory on
main page - [lang] Polish update - [export] Escape new line in CSV export -
[patch] Optimizations for PHP loops - [import] SQL_MODE not saved during
Partial Import - [auth] cache control missing (PHP-CGI) - [parser] Incorrect
parsing of constraints in ALTER TABLE - [status] Server status - replication -
[edit] Multi-row change with "]" improved - [rfe] Automatically copy generated
password - [interface] Table with name 'log_views' is incorrectly displayed as
a view - [patch] Detect mcrypt initialization failure - [lang] Galician update
- [lang] Swedish update - [lang] Norwegian update - [lang] Catalan update -
[lang] Finnish update - [lang] Hungarian update
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 30 2009 Robert Scheck <robert at fedoraproject.org> 3.2.0.1-1
- Upstream released 3.2.0.1 (#508879)
* Tue Jun 30 2009 Robert Scheck <robert at fedoraproject.org> 3.2.0-1
- Upstream released 3.2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #508879 - phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5)
https://bugzilla.redhat.com/show_bug.cgi?id=508879
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update phpMyAdmin' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list