lp:ubuntu/gutsy-updates/phpmyadmin

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

22. By Emanuele Gentili on 2008-03-05

* SECURITY UPDATE:
 + debian/patches/050_CVE-2008-1149.dpatch
  - Provides unauthorized access, Allows partial confidentiality, integrity, and
    availability violation , Allows unauthorized disclosure of information ,
    Allows disruption of service. (LP: #198745)

* References:
 + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1149
 + http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1

21. By William Grant on 2007-11-28

* SECURITY UPDATE: Cross-site scripting via multiple vectors. (LP: #162599)
* debian/patches/031_CVE-2007-5386.patch: Sanitise non-URL-encoded query
  strings in scripts/setup.php. Patch from Debian.
* debian/patches/031_CVE-2007-5589.patch: Sanitise PHP_SELF and PATH_INFO
  inputs in a number of places. Patch from Debian.
* debian/patches/032_CVE-2007-5976.patch: Sanitise database names before
  creating them (also covering CVE-2007-5977). Patch from upstream bug.
* debian/patches/033_CVE-2007-6100.patch: Sanitise convcharset as displayed
  on authentication form.
* References
  CVE-2007-5386
  CVE-2007-5589
  CVE-2007-5976
  CVE-2007-5977
  CVE-2007-6100
  PMASA-2007-5
  PMASA-2007-6
  PMASA-2007-7
  PMASA-2007-8

20. By Thijs Kinkhorst on 2007-07-14

* New upstream bugfix release.

[ Translations ]
* German by Helge Kreutzmann (Closes: #432566).

19. By Chuck Short on 2007-07-06

Added missing favicon.ico (Closes: LP #124402).

18. By Thijs Kinkhorst on 2007-06-17

[ Thijs Kinkhorst ]
* New upstream release.
* Welcome Michal Čihař as new co-maintainer.

[ Translations ]
* Vietnamese by Clytie Siddall (Closes: #427177).

17. By Thijs Kinkhorst on 2007-05-31

[ Thijs Kinkhorst ]
* php5-mcrypt is now a dependency on 64 bit platforms. Move it from
  Recommends to Depends because it's not possible to specify per-arch
  dependencies, and it's also very useful to have on 32 bit platforms
  because of the speed increase (Closes: #425164).

[ Translations ]
* French by Chrisian Perrier (Closes: #423954).
* Danish by Claus Hindsgaul (Closes: #426786).

16. By Luca Falavigna on 2007-05-21

* Merge from debian unstable, remaining changes:
  - Depends on php5-mcrypt to fix access on AMD64 machines
  - Update maintainer field in debian/package

15. By Luca Falavigna on 2007-05-19

* Depends on php5-mcrypt to fix access on AMD64 machines (LP: 114044)
* Remove PHP 4 dependencies
* Update maintainer field in debian/packages

14. By magilus on 2007-03-23

* SECURITY: Fix PHP Executor Deep Recursion Stack Overflow
* References:
  http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3
  https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/94891
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1325

13. By Thijs Kinkhorst on 2007-01-12

* Backport security-related changes from 2.9.2-rc1:
* CVE-2007-0203: Multiple unspecified vulnerabilities;
  this turns out to be (1) cross site scripting and
  (2) the same as CVE-2006-6374. (Closes: #406332, #406486)
* CVE-2006-6374: the vulnerability only applies to
  PHP < 5.1.2 and < 4.4.2, so strictly speaking current
  Debian is not vulnerable. Include it anyway, to not expose
  those using older PHP versions. (Closes: #404744)