-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 28 Oct 2015 18:11:35 +0100 Source: phpmyadmin Binary: phpmyadmin Architecture: source all Version: 4:3.4.11.1-2+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Thijs Kinkhorst <thijs@debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description: phpmyadmin - MySQL web administration tool Closes: 774194 Changes: phpmyadmin (4:3.4.11.1-2+deb7u2) wheezy-security; urgency=high . * Fix security issues (closes: #774194): - CVE-2014-8958: Multiple XSS vulnerabilities. - CVE-2014-9218: DoS vulnerability with long passwords. - CVE-2015-2206: Risk of BREACH attack due to reflected parameter. - CVE-2015-3902: XSRF/CSRF vulnerability in phpMyAdmin setup. Checksums-Sha1: 2e64d41a6db06d6e4bf78859771af98e6607703c 1592 phpmyadmin_3.4.11.1-2+deb7u2.dsc 3168c437fc7c46cccf2ff6e08c77877499bc8db4 57462 phpmyadmin_3.4.11.1-2+deb7u2.debian.tar.gz dd5615f229f8627929c2de2744dc0d3b3b89a69e 5503274 phpmyadmin_3.4.11.1-2+deb7u2_all.deb Checksums-Sha256: 8f3705aedf8ee79a9d1aaa357fabdff07ebf177c6feee29df7036d884ce3569a 1592 phpmyadmin_3.4.11.1-2+deb7u2.dsc a54cc1896b5589fe5229d605ce984afe61adf2431ef9f1320493e4c97b430323 57462 phpmyadmin_3.4.11.1-2+deb7u2.debian.tar.gz b7514d3f578ccf6d9b76c63d16df473cf2bb91a5185190a14022c4e8127e2955 5503274 phpmyadmin_3.4.11.1-2+deb7u2_all.deb Files: 149c944a5512f36093e90dea94c1abfb 1592 web extra phpmyadmin_3.4.11.1-2+deb7u2.dsc aaa7a1bb697848eede9257258e2ba571 57462 web extra phpmyadmin_3.4.11.1-2+deb7u2.debian.tar.gz 829137a59f907bdc1ca5019007d2c685 5503274 web extra phpmyadmin_3.4.11.1-2+deb7u2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJWMRiiAAoJEFb2GnlAHawERAEH/1KdOeuKBVoB+mw5/ZRfzA48 Y211m73VGp3oTIlujBAohXmJn/SjJn/0Siw+oP7PYK4uVlEcgJEevaStHz3V3L/9 MRIM1RrUIOt02wBSa0UAPTEK7njpnYQIAAStQFzTYiDlrHNbR3HMBCOofZ7xU7CB stYQ83XAInPZhW738M+y1JK+moKjbEnuv+znvI4XzMbAlDCIxbtNFO5uDz6gHCNE g0ZZ0gDXTOl/K3ASz+sZLGodoUCoZnOuXgcjm4UdgbwKX6Hol8jvu+fQCD/TNSwy 9lYy4T2fueVTgCjYH1Rkc8wvxfElQcbCS4BnF0zD1n+FpqZTC7b5g6f/toDHQ8w= =k6iO -----END PGP SIGNATURE-----