Package: phppgadmin Version: 4.0.1-3.1 Severity: grave Tags: security Hi,
A vulnerability that allows an attacker to perform a local files inclusion attack in phpPgAdmin has been exposed at [1]. Note that the vulnerability can only be exploited when register_globals=on (which is the default in /etc/phppgadmin/apache.conf). If you fix the vulnerability please also make sure to include the CVE id in the changelog entry, when one is assigned. [1]http://www.milw0rm.com/exploits/7363 Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
