oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: phpMyAdmin

From: Josh Bressers <bressers () redhat com>
Date: Mon, 11 Jan 2010 18:33:07 -0500 (EST)
Steve,

I'm going to defer this one to you for CVE assignment so you can dish out 2009 and 2008 ids for these.

Thanks.

-- 
    JB


----- "Ludwig Nussel" <ludwig.nussel () suse de> wrote:


Hi,

phpMyAdmin 2.11.10 was released with security fixes according to the
changelog:
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_10/phpMyAdmin/ChangeLog?revision=13152&view=markup

unserialize fix:
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149

the temporary file issues seem to be from 2008 but were not released
so far:
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Previous By Date Next
Previous By Thread Next

Current thread: