Advisories » MGASA-2019-0057

Updated phpmyadmin packages fix security vulnerabilities

Publication date: 30 Jan 2019
Modification date: 30 Jan 2019
Type: security
Affected Mageia releases : 6

Description

- Possible SQL injection in Designer feature
- When AllowArbitraryServer configuration set to true, with the use of a
rogue MySQL server, an attacker can read any file on the server that the
web server's user can access.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=24238
• https://www.phpmyadmin.net/security/PMASA-2019-1/
• https://www.phpmyadmin.net/security/PMASA-2019-2/

SRPMS

6/core

• phpmyadmin-4.7.8-4.mga6