Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 105598 - dev-db/phpmyadmin: new XSS vulnerabilities fixed in 2.6.4
Summary: dev-db/phpmyadmin: new XSS vulnerabilities fixed in 2.6.4
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.phpmyadmin.net/home_page/d...
Whiteboard: B4 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2005-09-11 06:31 UTC by Renat Lumpau (RETIRED)
Modified: 2005-09-11 13:17 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Renat Lumpau (RETIRED) gentoo-dev 2005-09-11 06:31:23 UTC
XSS on the cookie-based login panel
XSS on table creation page
XSS on username (cookie-based login)

Fixed in 2.6.4
Comment 1 Renat Lumpau (RETIRED) gentoo-dev 2005-09-11 06:32:48 UTC
2.6.4 in CVS
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-09-11 08:43:49 UTC
Looks like an officialisation of the RC1 security fixes (bug 104124).
Committed directly stable by maintainer, ready for GLSA vote.

I vote NO.
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-09-11 13:17:22 UTC
Voting NO and closing.  
 
Thx for the report Renat.