-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 12 Jan 2007 15:29:28 +0100 Source: phpmyadmin Binary: phpmyadmin Architecture: source all Version: 4:2.9.1.1-2 Distribution: unstable Urgency: high Maintainer: Thijs Kinkhorst <thijs@debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description: phpmyadmin - Administrate MySQL over the WWW Closes: 404744 406332 406486 Changes: phpmyadmin (4:2.9.1.1-2) unstable; urgency=high . * Backport security-related changes from 2.9.2-rc1: * CVE-2007-0203: Multiple unspecified vulnerabilities; this turns out to be (1) cross site scripting and (2) the same as CVE-2006-6374. (Closes: #406332, #406486) * CVE-2006-6374: the vulnerability only applies to PHP < 5.1.2 and < 4.4.2, so strictly speaking current Debian is not vulnerable. Include it anyway, to not expose those using older PHP versions. (Closes: #404744) Files: 32f6ddc7c311cbab842d04a60fe0d804 590 web extra phpmyadmin_2.9.1.1-2.dsc 09970b6e6ad44e9e9e43705f6cc8ff3c 45083 web extra phpmyadmin_2.9.1.1-2.diff.gz 472b1e681ecf7013f53fa4fdd5c08abb 3590568 web extra phpmyadmin_2.9.1.1-2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFp5zSJdKMxZV9WM8RAsrtAJ4u9r2Ett84jpPx/4jCt18USuQA9QCfSXqS igJIGEpS3BNSi1cmoNOSm0E= =7yUl -----END PGP SIGNATURE----- Accepted: phpmyadmin_2.9.1.1-2.diff.gz to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-2.diff.gz phpmyadmin_2.9.1.1-2.dsc to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-2.dsc phpmyadmin_2.9.1.1-2_all.deb to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-2_all.deb