Updated phpmyadmin packages fix security vulnerability
Publication date: 03 Apr 2017Modification date: 03 Apr 2017
Type: security
Affected Mageia releases : 5
Description
A vulnerability was discovered where the restrictions caused by $cfg['Servers'][$i]['AllowNoPassword'] = false are bypassed under certain PHP versions. This can allow the login of users who have no password set even if the administrator has set $cfg['Servers'][$i]['AllowNoPassword'] to false (which is also the default).
References
SRPMS
5/core
- phpmyadmin-4.4.15.10-2.mga5