-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 09 Jul 2014 18:52:48 +0200 Source: phpmyadmin Binary: phpmyadmin Architecture: source all Version: 4:3.4.11.1-2+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Thijs Kinkhorst <thijs@debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description: phpmyadmin - MySQL web administration tool Changes: phpmyadmin (4:3.4.11.1-2+deb7u1) wheezy-security; urgency=high . * Fix security issues: - CVE-2014-1879: Self-XSS due to unescaped HTML output in import. - CVE-2013-5003: SQL injection vulnerabilities (control user). - CVE-2013-5002: Self-XSS due in schema export. - CVE-2013-4996: XSS in Logo Link and Trusted Proxy List. - CVE-2013-4995: XSS in HTML Output when executing a SQL query. Checksums-Sha1: 957c6995ca8aa6db6765276a0b0c71e066b1d0e2 1590 phpmyadmin_3.4.11.1-2+deb7u1.dsc d9f420c7664815ac91b63046f9ab2869adb1c2ab 5844325 phpmyadmin_3.4.11.1.orig.tar.gz 627dadcd199b0a567434df5745083f646c29d32e 54361 phpmyadmin_3.4.11.1-2+deb7u1.debian.tar.gz fbcc49c7cb1bf71d2e7248def5498b6596424412 5502992 phpmyadmin_3.4.11.1-2+deb7u1_all.deb Checksums-Sha256: f72828bce405e75ba94a18cbdb45a101b6bdc72cfabd17f313c78b793a029b6a 1590 phpmyadmin_3.4.11.1-2+deb7u1.dsc e29332102cb1f9aac583c71e2b73c8916d3bbb8771fb8a28a4863e837be0dae6 5844325 phpmyadmin_3.4.11.1.orig.tar.gz 6ee6ac1aec9c906db4aaad03a9968695f4ae2d44e764284cf3c9631bad4d1cb8 54361 phpmyadmin_3.4.11.1-2+deb7u1.debian.tar.gz 2898de095dbe576e4c2cf81914e1660c5d42b971be8c34f67d15c03123ab9600 5502992 phpmyadmin_3.4.11.1-2+deb7u1_all.deb Files: a50f63272ad99a58ef4895ae0b188951 1590 web extra phpmyadmin_3.4.11.1-2+deb7u1.dsc e54cedac04ef1743eae381c9affd2fc1 5844325 web extra phpmyadmin_3.4.11.1.orig.tar.gz 5b3d490782044807cb7567a6e4db9c09 54361 web extra phpmyadmin_3.4.11.1-2+deb7u1.debian.tar.gz 6b0e6aa176d1a2494148572001e30a64 5502992 web extra phpmyadmin_3.4.11.1-2+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJTvX3SAAoJEFb2GnlAHawEATsIAKoc42DtytziHoEGH/vw/teA 9olLtxoSj8whKwgZwJUACp2i3nsrXCc8dkPnbSiLRelPnrC6nQNKvTzO8yPXX6Yp TQfH5an5r6Zq6QPwvS4k1DIxjxaFYRKsRie4Io8uehWAegFokesm8nHOeTZzwnHo h6amFUggrjAqlGXnQBBs0/vEtWYOBbQgzaAEgT5vIfS9DlOzmHTt9jercmpi+n9G PpBzBStEjJQjy+FN00/90NxcTiafox3mwO8KSDa8gFgfKOdCksld1//OoHRfYEwi bsVxF+FjqRDdql1IoBa56ndVP8th4JHd/hgPLSu/OoMzOtANSrCRP2gThSpC4ak= =/7aY -----END PGP SIGNATURE-----