[SECURITY] Fedora 11 Update: phpMyAdmin-

updates at fedoraproject.org updates at fedoraproject.org
Fri Jul 3 19:39:19 UTC 2009

Fedora Update Notification
2009-07-03 18:38:23

Name        : phpMyAdmin
Product     : Fedora 11
Version     :
Release     : 1.fc11
URL         : http://www.phpmyadmin.net/
Summary     : Web based MySQL browser written in php
Description :
phpMyAdmin is a tool written in PHP intended to handle the administration of
MySQL over the Web. Currently it can create and drop databases,
create/drop/alter tables, delete/edit/add fields, execute any SQL statement,
manage keys on fields, manage privileges,export data into various formats and
is available in 50 languages

Update Information:

The first security release for phpMyAdmin 3.2.0:  - [security] XSS: Insufficient
output sanitizing in bookmarks    This version contains a number of small new
features and some bug fixes:  - [core] better support for vendor customisation
(based on what Debian needs)  - [rfe] warn when session.gc_maxlifetime is less
than cookie validity  - [rfe] configurable default charset for import  - [rfe]
link to InnoDB status when error 150 occurs  - [rfe] strip ` from column names
on import  - [rfe] LeftFrameDBSeparator can be an array  - [privileges] Extra
back reference when editing table-specific privileges  - [display] Sortable
database columns  - [lang] Wrong string in setup script hints  - [cleanup] XHTML
cleanup,  - [display] Possibility of disabling the sliders  - [privileges]
Create user for existing database  - [privileges] Cleanup  - [auth]
AllowNoPasswordRoot error message is too vague   - [XHTML] View table
headers/footers completely  - [core] support column name having square brackets
- [lang] Lithuanian update  - [auth] New setting AllowNoPassword (supercedes
AllowNoPasswordRoot) that applies to all accounts (even the anonymous user)  -
[relation] Missing code with hashing for relationship editing  - [rfe] Added
option to disable mcrypt warning.  - [bug] Request-URI Too Large error from
Location header  - [rfe] Check for relations support on main page.  - [rfe]
Explanation for using Host table.  - [rfe] Link to download more themes.  -
[rfe] Add option to generate password on change password page.  - [rfe] Allow
logging of user status with Apache.  - [patch] None default is different than
other None in some languages.  - [lang] Chinese Simplified update  - [display]
Sort arrows problem  - [security] warn about existence of config directory on
main page  - [lang] Polish update  - [export] Escape new line in CSV export  -
[patch] Optimizations for PHP loops  - [import] SQL_MODE not saved during
Partial Import   - [auth] cache control missing (PHP-CGI)  - [parser] Incorrect
parsing of constraints in ALTER TABLE  - [status] Server status - replication  -
[edit] Multi-row change with "]" improved  - [rfe] Automatically copy generated
password  - [interface] Table with name 'log_views' is incorrectly displayed as
a view  - [patch] Detect mcrypt initialization failure  - [lang] Galician update
- [lang] Swedish update  - [lang] Norwegian update  - [lang] Catalan update  -
[lang] Finnish update  - [lang] Hungarian update

* Tue Jun 30 2009 Robert Scheck <robert at fedoraproject.org>
- Upstream released (#508879)
* Tue Jun 30 2009 Robert Scheck <robert at fedoraproject.org> 3.2.0-1
- Upstream released 3.2.0

  [ 1 ] Bug #508879 - phpMyAdmin: XSS: Insufficient output sanitizing in bookmarks (PMASA-2009-5)

This update can be installed with the "yum" update program.  Use 
su -c 'yum update phpMyAdmin' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list