-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 28 Jan 2016 09:41:38 +0100 Source: phpmyadmin Binary: phpmyadmin Architecture: source all Version: 4:4.5.4-1 Distribution: unstable Urgency: high Maintainer: Thijs Kinkhorst <thijs@debian.org> Changed-By: Michal Čihař <nijel@debian.org> Description: phpmyadmin - MySQL web administration tool Closes: 811452 Changes: phpmyadmin (4:4.5.4-1) unstable; urgency=high . * New upstream release, fixes security issues: - Multiple full path disclosure vulnerabilities (PMASA-2016-1/CVE-2016-2038). - Unsafe generation of XSRF/CSRF token. (PMASA-2016-2/CVE-2016-2039). - Multiple XSS vulnerabilities. (PMASA-2016-3/CVE-2016-2040). - Insecure password generation in JavaScript. (PMASA-2016-4/CVE-2016-1927). - Unsafe comparison of XSRF/CSRF token. (PMASA-2016-5/CVE-2016-2041). - Multiple full path disclosure vulnerabilities. (PMASA-2016-6/CVE-2016-2042). - XSS vulnerability in normalization page. (PMASA-2016-7/CVE-2016-2043). - Full path disclosure vulnerability in SQL parser. (PMASA-2016-8/CVE-2016-2044). - XSS vulnerability in SQL editor. (PMASA-2016-9/CVE-2016-2045). * Add dependency on dbconfig-mysql (Closes: #811452). * Update upstream keyring as there is new release manager. Checksums-Sha1: 93e21050e13ae0e10a85428fcce946efb05ba238 1919 phpmyadmin_4.5.4-1.dsc e7a2744decb10f7cb28b252b211ff2d798783961 5810856 phpmyadmin_4.5.4.orig.tar.xz 77182ad47d822c2dad02bd48f244e63606608013 76888 phpmyadmin_4.5.4-1.debian.tar.xz 73e55a1d300a4ed94499eb6a2d30ed3be54ba93d 4017758 phpmyadmin_4.5.4-1_all.deb Checksums-Sha256: 898ef676ce45155a24895b3d39c62c099055879241e9df333e451155d8ba478c 1919 phpmyadmin_4.5.4-1.dsc 544670aea61d40c1a6e569f0955de2725c354f61c959870749b525d6b3d503dd 5810856 phpmyadmin_4.5.4.orig.tar.xz 23582ebd2d80a81e8a594fc00e71d6a4dffbf66f1a8e469b10653bc804a36a77 76888 phpmyadmin_4.5.4-1.debian.tar.xz 705339f9e65f8f268b2cffe09b4718010558f245be779178245af203498cf938 4017758 phpmyadmin_4.5.4-1_all.deb Files: 7263cb6c02d9a6144fab11f092df9b46 1919 web extra phpmyadmin_4.5.4-1.dsc 039646ceede77e78979500756875fdab 5810856 web extra phpmyadmin_4.5.4.orig.tar.xz e43f70938825d44e40f2547c16749956 76888 web extra phpmyadmin_4.5.4-1.debian.tar.xz 8f051a7147d42f14e5fd5f74d24ad6b6 4017758 web extra phpmyadmin_4.5.4-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWqdTDAAoJEJwnsxNCt1EdZgAQAIZ1m+SkhcSLO77yxgcMMsgQ sSWQlM+aBJtzsLm+cA5CNm0IIv4PIsPuVBwZtbwJEH0mwHdx1BSbruvnWEe1YFAB iVO3X+l46Y9wBTMz3Z4r7nqmVc/plOxXKYQTzj+jv3h/6l1HMOdrYWp39howYznu b/6OcfBciJE0Bk6R++gZVFBRkL1EnRSVfCyAQe+yCl5EfzpkRvsSgsPQj/XpM0/C +QCr6tDMBXPt7pij2pYxe7ZPufjxob07Bawi42uY+RA1tOyCcXMndzBZYnJc18UH NKWliLUxdoiaoGM7k0/4bFpKD+gSnLRsXnsAS3Nu+rDptXq6KVc2iV+PEarBC0PN E6PbIPT+1KEJNE6A+isUXDZ0e9PXOEU9+Lv/kbL1lg/gDoIa99V1FZZkRuNXDV3T ZVziakq9oDJ+4iQ2DoflCJ2SD7xn6xfj4pC2zc1bY8hTQoMQHpsOLLHk0RuV0wCh 3RsxWLQkHoVLEVUcM8y6HgFLEkPU7PRZPnWYurCp+OygnLyelPTqK2e3DRYs69LJ ZF1ij4Al/CZeuTMQX9BCDcB/OvkLbrB7vqDxgOz+xHOPFz/qbc7I/6/tQ/yW3UOF uBXyeAcjMT8Iyq5R4V6znxJVrnuXW28DofKyOKYuYwYwGbzlkbMhZ86T89jU1TYh wy58NxNs0dnMrc8CoVea =0p3d -----END PGP SIGNATURE-----