-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 7 Nov 2007 13:30:08 +0100
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source all
Version: 4:2.9.1.1-5
Distribution: stable-security
Urgency: high
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
phpmyadmin - Administrate MySQL over the WWW
Changes:
phpmyadmin (4:2.9.1.1-5) stable-security; urgency=high
.
* Update for etch to address a security issue.
* Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before
2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via
certain input available in (1) PHP_SELF in (a) server_status.php, and (b)
grab_globals.lib.php, (c) display_change_password.lib.php, and (d)
common.lib.php in libraries/; and certain input available in PHP_SELF and
(2) PATH_INFO in libraries/common.inc.php.
(CVE-2007-5589, PMASA-2007-6)
Files:
64170774dbb881ab6079c75a673a7562 1011 web extra phpmyadmin_2.9.1.1-5.dsc
0c70dcfbb3770d8ac964f55bd00d405d 49397 web extra phpmyadmin_2.9.1.1-5.diff.gz
6d19ca77b29ef875866de796796fe787 3606180 web extra phpmyadmin_2.9.1.1-5_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBRzG3tWz0hbPcukPfAQILnggAh6oTEwBlCnZrf+sUL4Mt3X6Kq0ylTYex
ePxhGPF97BZAmfcmuCLW+6wPcODP8oQTxLziGYs0KiL2ddZhowlYDN9Yr1DdhVU7
Q93+lEOPEB2Yy7Je6zOtIx/sa30y1x4qyFWRV7eYAlaER7JJXba9/J3ttij/rNuo
5tr2XX3ArU+L0PpKtgLYJs2cvzz/dKJN4vXWX1KrvoilVsWPTkmWPE4YY+r+WXr0
dAG4JuPg/0Ft/6IgFZnFctkXJtH8E9lSGlaHz8LEkCXV7Fe8/JC2Y+l/nf1WKsOv
fun5/t7/JLbzJkHDERx2s9Ir1AJYx6N9pmxsYANfCKLiIF/dWPJmvA==
=O7US
-----END PGP SIGNATURE-----
Accepted:
phpmyadmin_2.9.1.1-5.diff.gz
to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-5.diff.gz
phpmyadmin_2.9.1.1-5.dsc
to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-5.dsc
phpmyadmin_2.9.1.1-5_all.deb
to pool/main/p/phpmyadmin/phpmyadmin_2.9.1.1-5_all.deb
