Updated phpmyadmin packages fix security vulnerabilities
Publication date: 03 Feb 2017Modification date: 03 Feb 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-6621 , CVE-2015-8980
Description
Multiple vulnerabilities in setup script (CVE-2016-6621 / PMASA-2016-44). Open redirect (PMASA-2017-1). php-gettext code execution (CVE-2015-8980 / PMASA-2017-2). DOS vulnerability in table editing (PMASA-2017-3). CSS injection in themes (PMASA-2017-4). SSRF in replication (PMASA-2017-6). DOS in replication status (PMASA-2017-7).
References
- https://bugs.mageia.org/show_bug.cgi?id=20169
- https://www.phpmyadmin.net/security/PMASA-2016-44/
- https://www.phpmyadmin.net/security/PMASA-2017-1/
- https://www.phpmyadmin.net/security/PMASA-2017-2/
- https://www.phpmyadmin.net/security/PMASA-2017-3/
- https://www.phpmyadmin.net/security/PMASA-2017-4/
- https://www.phpmyadmin.net/security/PMASA-2017-6/
- https://www.phpmyadmin.net/security/PMASA-2017-7/
- https://www.phpmyadmin.net/files/4.4.15.10/
- https://www.phpmyadmin.net/news/2017/1/23/phpmyadmin-466-441510-and-401019-are-released/
- https://lists.opensuse.org/opensuse-updates/2017-02/msg00015.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6621
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8980
SRPMS
5/core
- phpmyadmin-4.4.15.10-1.mga5