libphp-adodb - Debian Package Tracker

general

source: libphp-adodb (main)
version: 5.22.9-0.1
maintainer: Cameron Dale (DMD)
uploaders: Jean-Michel Vourgère [DMD]
arch: all
std-ver: 4.6.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 5.20.19-1+deb11u1
o-o-sec: 5.20.19-1+deb11u2
oldstable: 5.21.4-1
old-bpo: 5.22.9-0.1~bpo12+1
old-p-u: 5.21.4-1+deb12u1
stable: 5.22.9-0.1
testing: 5.22.9-0.1
unstable: 5.22.9-0.1

versioned links

5.20.19-1+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.20.19-1+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.21.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.21.4-1+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.22.9-0.1~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.22.9-0.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libphp-adodb

action needed

Marked for autoremoval on 18 September: #1110464 high

Version 5.22.9-0.1 of libphp-adodb is marked for autoremoval from testing on Thu 18 Sep 2025. It is affected by #1110464. The removal of libphp-adodb will also cause the removal of (transitive) reverse dependency: phppgadmin. You should try to prevent the removal by fixing these RC bugs.

Created: 2025-08-12 Last update: 2025-08-16 03:01

A new upstream version is available: 5.22.10 high

A new upstream version 5.22.10 is available, you should consider packaging it.

Created: 2025-08-06 Last update: 2025-08-15 21:30

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2025-54119: ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name. This is fixed in version 5.22.10. To workaround this issue, only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter.

Created: 2025-08-05 Last update: 2025-08-10 06:32

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2025-54119: ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name. This is fixed in version 5.22.10. To workaround this issue, only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter.

Created: 2025-08-09 Last update: 2025-08-10 06:32

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2025-54119: ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name. This is fixed in version 5.22.10. To workaround this issue, only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter.

Created: 2025-08-05 Last update: 2025-08-10 06:32

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2025-04-10 Last update: 2025-04-10 00:31

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-54119: (needs triaging) ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name. This is fixed in version 5.22.10. To workaround this issue, only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-09 Last update: 2025-08-10 06:32

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-54119: (needs triaging) ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name. This is fixed in version 5.22.10. To workaround this issue, only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter.

You can find information about how to handle this issue in the security team's documentation.

1 issue that should be fixed with the next stable update:

CVE-2025-46337: ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and calls pg_insert_id() with user-supplied data. This issue has been patched in version 5.22.9.

Created: 2025-08-05 Last update: 2025-08-10 06:32

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.6.0).

Created: 2022-05-11 Last update: 2025-05-02 23:33

news

[rss feed]

[2025-06-21] Accepted libphp-adodb 5.21.4-1+deb12u1 (source all) into proposed-updates (Debian FTP Masters) (signed by: Boyuan Yang)
[2025-05-24] Accepted libphp-adodb 5.20.19-1+deb11u2 (source) into oldstable-security (Adrian Bunk)
[2025-05-06] Accepted libphp-adodb 5.22.9-0.1~bpo12+1 (source) into stable-backports (Boyuan Yang)
[2025-05-05] libphp-adodb 5.22.9-0.1 MIGRATED to testing (Debian testing watch)
[2025-05-02] Accepted libphp-adodb 5.22.9-0.1 (source) into unstable (Leandro Cunha) (signed by: Boyuan Yang)
[2025-02-25] libphp-adodb 5.22.8-0.1 MIGRATED to testing (Debian testing watch)
[2025-02-19] Accepted libphp-adodb 5.22.8-0.1 (source) into unstable (Leandro Cunha) (signed by: Boyuan Yang)
[2024-11-06] Accepted libphp-adodb 5.22.7-0.1~bpo12+1 (source all) into stable-backports (Debian FTP Masters) (signed by: Boyuan Yang)
[2024-07-17] libphp-adodb 5.22.7-0.1 MIGRATED to testing (Debian testing watch)
[2024-07-12] Accepted libphp-adodb 5.22.7-0.1 (source) into unstable (Leandro Cunha) (signed by: Samuel Henrique)
[2022-03-18] libphp-adodb 5.21.4-1 MIGRATED to testing (Debian testing watch)
[2022-03-16] Accepted libphp-adodb 5.20.14-1+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2022-03-14] Accepted libphp-adodb 5.20.19-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2022-03-13] Accepted libphp-adodb 5.20.19-1+deb11u1 (source) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2022-03-13] Accepted libphp-adodb 5.20.14-1+deb10u1 (source) into oldstable->embargoed, oldstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2022-03-12] Accepted libphp-adodb 5.21.4-1 (source) into unstable (Jean-Michel Vourgère)
[2022-03-12] libphp-adodb REMOVED from testing (Debian testing watch)
[2022-02-06] Accepted libphp-adodb 5.20.9-1+deb9u1 (source) into oldoldstable (Utkarsh Gupta)
[2021-03-14] Accepted libphp-adodb 5.21.0-1 (source) into experimental (Jean-Michel Vourgère)
[2020-12-24] libphp-adodb 5.20.19-1 MIGRATED to testing (Debian testing watch)
[2020-12-24] libphp-adodb 5.20.19-1 MIGRATED to testing (Debian testing watch)
[2020-12-23] Accepted libphp-adodb 5.21.0~beta.1-1 (source) into experimental (Jean-Michel Vourgère)
[2020-12-19] Accepted libphp-adodb 5.20.19-1 (source) into unstable (Jean-Michel Vourgère)
[2020-08-24] libphp-adodb 5.20.18-1 MIGRATED to testing (Debian testing watch)
[2020-08-17] Accepted libphp-adodb 5.20.18-1 (source) into unstable (Jean-Michel Vourgère)
[2020-04-17] libphp-adodb 5.20.17-2 MIGRATED to testing (Debian testing watch)
[2020-04-12] Accepted libphp-adodb 5.20.17-2 (source) into unstable (Jean-Michel Vourgère)
[2020-04-11] Accepted libphp-adodb 5.20.17-1 (source all) into unstable (Jean-Michel Vourgère)
[2020-01-23] libphp-adodb 5.20.16-1 MIGRATED to testing (Debian testing watch)
[2020-01-17] Accepted libphp-adodb 5.20.16-1 (source) into unstable (Jean-Michel Vourgère)

bugs [bug history graph]

all: 1
RC: 1
I&N: 0
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.22.9-0.1