On Thursday 22 of September 2005 16:29, micah wrote: > Piotr, > > I notice that you fixed some of these issues in your most recent > unstable upload, but the others which you identify below were not > included... at least its not obvious from the unstable changelog, I > assume that its the "four more vulnerabilities reported and fixed > directly in phpMyAdmin's CVS"?
They are all fixed in 2.6.4 release. Try to grep on XSS for ChangeLog available at http://cvs.sourceforge.net/viewcvs.py/phpmyadmin/phpMyAdmin/ChangeLog?rev=2.1272&view=auto I didn't describe them in changelog for unstable release, beacuse the upstream did not describe, too. The sarge backported package is described verbosely, beacuse the fixes are provided carefully in separated patches. -- .''`. Piotr Roszatycki, Netia SA : :' : mailto:[EMAIL PROTECTED] `. `' mailto:[EMAIL PROTECTED] `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]