[Bug 162599] Re: few serious security issues for phpMyAdmin

** Branch linked: lp:ubuntu/feisty-security/phpmyadmin ** Branch linked: lp:ubuntu/gutsy-security/phpmyadmin -- few serious security issues for phpMyAdmin https://bugs.launchpad.net/bugs/162599 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubu

[Bug 162599] Re: few serious security issues for phpMyAdmin

Ubuntu Edgy Eft is no longer supported, so a SRU will not be issued for this release. Marking Edgy as Won't Fix. ** Changed in: phpmyadmin (Ubuntu Edgy) Status: Confirmed => Won't Fix -- few serious security issues for phpMyAdmin https://bugs.launchpad.net/bugs/162599 You received this bu

[Bug 162599] Re: few serious security issues for phpMyAdmin

phpmyadmin (4:2.9.1.1-2ubuntu1.1) feisty-security; urgency=low * SECURITY UPDATE: Cross-site scripting via multiple vectors. (LP: #162599) * debian/patches/030_CVE-2007-1395.patch: Match end tag case insensitively. Patch from Debian. * debian/patches/030_CVE-2007-2245.patch: Correctly s

[Bug 162599] Re: few serious security issues for phpMyAdmin

phpmyadmin (4:2.10.3-1ubuntu0.1) gutsy-security; urgency=low * SECURITY UPDATE: Cross-site scripting via multiple vectors. (LP: #162599) * debian/patches/031_CVE-2007-5386.patch: Sanitise non-URL-encoded query strings in scripts/setup.php. Patch from Debian. * debian/patches/031_CVE-2007

[Bug 162599] Re: few serious security issues for phpMyAdmin

Thanks for preparing this! I've uploaded it to the security queue; it should be published shortly. ** Changed in: phpmyadmin (Ubuntu Feisty) Status: In Progress => Fix Committed ** Changed in: phpmyadmin (Ubuntu Gutsy) Status: In Progress => Fix Committed -- few serious security

[Bug 162599] Re: few serious security issues for phpMyAdmin

Be warned, the feisty version uses yada, so has a habit of regenerating its control file. ** Attachment added: "feisty debdiff" http://launchpadlibrarian.net/10586926/feisty.diff -- few serious security issues for phpMyAdmin https://bugs.launchpad.net/bugs/162599 You received this bug notific

[Bug 162599] Re: few serious security issues for phpMyAdmin

** Attachment added: "gutsy debdiff" http://launchpadlibrarian.net/10586901/gutsy.diff ** Changed in: phpmyadmin (Ubuntu Gutsy) Assignee: (unassigned) => William Grant (fujitsu) Status: Confirmed => In Progress ** Changed in: phpmyadmin (Ubuntu Feisty) Assignee: (unassigned)

[Bug 162599] Re: few serious security issues for phpMyAdmin

Meet PMASA-2007-8, aka. CVE-2007-6100. They're all fixed in Hardy. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6100 ** Changed in: phpmyadmin (Ubuntu Hardy) Status: Confirmed => Fix Released ** Changed in: phpmyadmin (Ubuntu Dapper) Status: New => Confirme

[Bug 162599] Re: few serious security issues for phpMyAdmin

Adding some CVE references mentioned in DSA 1370-1/DSA 1370-2, DSA 1403-1 and MDKSA-2007:229. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-5976 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-5977 ** CVE added: http://www.cve.mitre.org/cgi- bin/cven

[Bug 162599] Re: few serious security issues for phpMyAdmin

Latest PMASAs fixed in each release: - Hardy: all - Gutsy: 2007-4 - Feisty: 2007-3 - Edgy: 2006-4 - Dapper: 2006-1 -- few serious security issues for phpMyAdmin https://bugs.launchpad.net/bugs/162599 You received this bug notification because you are a member of Ubuntu Bugs, which is the bu

[Bug 162599] Re: few serious security issues for phpMyAdmin

** Changed in: phpmyadmin (Ubuntu) Status: New => Confirmed -- few serious security issues for phpMyAdmin https://bugs.launchpad.net/bugs/162599 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ub