Hi Dne Mon, 20 Apr 2009 00:15:04 -0400 "Michael S. Gilbert" <michael.s.gilb...@gmail.com> napsal(a):
> i was looking at the link as provided in redhat's announcement. this
> seems to be CVE-2009-1285, which debian is already tracking as
> unimportant. however, the phpmyadmin page considers the issue to be
> critical. perhaps the debian severity is too low?
The difference might be in fact that Debian package protects setup
script by htpasswd on installation.
(But I'm not in security team to know real cause of this severity.)
--
Michal Čihař | http://cihar.com | http://blog.cihar.com
signature.asc
Description: PGP signature
