lp:ubuntu/gutsy-updates/phpmyadmin
- Get this branch:
- bzr branch lp:ubuntu/gutsy-updates/phpmyadmin
Branch merges
Branch information
Recent revisions
- 22. By Emanuele Gentili
-
* SECURITY UPDATE:
+ debian/patches/ 050_CVE- 2008-1149. dpatch
- Provides unauthorized access, Allows partial confidentiality, integrity, and
availability violation , Allows unauthorized disclosure of information ,
Allows disruption of service. (LP: #198745)* References:
+ http://nvd.nist. gov/nvd. cfm?cvename= CVE-2008- 1149
+ http://www.phpmyadmin. net/home_ page/security. php?issue= PMASA-2008- 1 - 21. By William Grant
-
* SECURITY UPDATE: Cross-site scripting via multiple vectors. (LP: #162599)
* debian/patches/ 031_CVE- 2007-5386. patch: Sanitise non-URL-encoded query
strings in scripts/setup.php. Patch from Debian.
* debian/patches/ 031_CVE- 2007-5589. patch: Sanitise PHP_SELF and PATH_INFO
inputs in a number of places. Patch from Debian.
* debian/patches/ 032_CVE- 2007-5976. patch: Sanitise database names before
creating them (also covering CVE-2007-5977). Patch from upstream bug.
* debian/patches/ 033_CVE- 2007-6100. patch: Sanitise convcharset as displayed
on authentication form.
* References
CVE-2007-5386
CVE-2007-5589
CVE-2007-5976
CVE-2007-5977
CVE-2007-6100
PMASA-2007-5
PMASA-2007-6
PMASA-2007-7
PMASA-2007-8 - 20. By Thijs Kinkhorst
-
* New upstream bugfix release.
[ Translations ]
* German by Helge Kreutzmann (Closes: #432566). - 18. By Thijs Kinkhorst
-
[ Thijs Kinkhorst ]
* New upstream release.
* Welcome Michal Čihař as new co-maintainer.[ Translations ]
* Vietnamese by Clytie Siddall (Closes: #427177). - 17. By Thijs Kinkhorst
-
[ Thijs Kinkhorst ]
* php5-mcrypt is now a dependency on 64 bit platforms. Move it from
Recommends to Depends because it's not possible to specify per-arch
dependencies, and it's also very useful to have on 32 bit platforms
because of the speed increase (Closes: #425164).[ Translations ]
* French by Chrisian Perrier (Closes: #423954).
* Danish by Claus Hindsgaul (Closes: #426786). - 16. By Luca Falavigna
-
* Merge from debian unstable, remaining changes:
- Depends on php5-mcrypt to fix access on AMD64 machines
- Update maintainer field in debian/package - 15. By Luca Falavigna
-
* Depends on php5-mcrypt to fix access on AMD64 machines (LP: 114044)
* Remove PHP 4 dependencies
* Update maintainer field in debian/packages - 14. By magilus
-
* SECURITY: Fix PHP Executor Deep Recursion Stack Overflow
* References:
http://www.phpmyadmin. net/home_ page/security. php?issue= PMASA-2007- 3
https://bugs.launchpad .net/ubuntu/ +source/ phpmyadmin/ +bug/94891
http://cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2007- 1325 - 13. By Thijs Kinkhorst
-
* Backport security-related changes from 2.9.2-rc1:
* CVE-2007-0203: Multiple unspecified vulnerabilities;
this turns out to be (1) cross site scripting and
(2) the same as CVE-2006-6374. (Closes: #406332, #406486)
* CVE-2006-6374: the vulnerability only applies to
PHP < 5.1.2 and < 4.4.2, so strictly speaking current
Debian is not vulnerable. Include it anyway, to not expose
those using older PHP versions. (Closes: #404744)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/phpmyadmin