Omer Singer has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the user is running a browser that has not URL-encoded the request (e.g. Internet Explorer 6). The vulnerability is reported in version 2.11.1. Other versions may also be affected. Solution: Fixed in the SVN repository.
Maintainers, please provide an updated ebuild.
phpmyadmin-2.11.1 is in the tree including the patch for the issue. Target archs: alpha amd64 hppa ppc ppc64 sparc x86
Stable on x86
Err, wait, the thing is borked (Bug 195843).
I reverted stable x86 KEYWORD back to ~x86
With this bug, this one http://bugs.gentoo.org/show_bug.cgi?id=183114 should be redundant?
Hrm bug #195843 is nothing I can do much about at the moment. I checked the code but it seems to be an upstream issue. I inquired at their forum: http://sourceforge.net/forum/message.php?msg_id=4568637 To be honest this just looks like sloppy programming since it's a PHP warning.
(In reply to comment #6)
> with this bug, this one http://bugs.gentoo.org/show_bug.cgi?id=183114 should
> be redundant?
In principle yes, but let's see how this progresses first.
Hm bug #195843 got closed again. Security please advise: Should we continue stabilization or wait one week to see if there are further reports? I tend to waiting since it's XSS but on the other hand the app is stable on many archs.
(In reply to comment #9)
> Hm bug #195843 got closed again. Security please advise: Should we continue
> stabilization or wait one week to see if there are further reports? I tend to
> waiting since it's XSS but on the other hand the app is stable on many archs.
2.11.1.1 was released today, including the security fix. If the source is identical to our release plus patch, we can stable that. Otherwise, we should just bump it to the latest release. Since no one was able to reproduce this issue anymore, it might be related to outdated caches?
Upstream advisory: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5
(In reply to comment #10)
> (In reply to comment #9)
> > Hm bug #195843 got closed again. Security please advise: Should we continue
> > stabilization or wait one week to see if there are further reports? I tend to
> > waiting since it's XSS but on the other hand the app is stable on many archs.
>
> 2.11.1.1 was released today, including the security fix. If the source is
> identical to our release plus patch, we can stable that. Otherwise, we should
> just bump it to the latest release.
Bumped it even though 2.11.1.1 probably does not contain more than the fix. In any case I think it will be less confusing to the user if we release 2.11.1.1. Please mark the new version stable then.
> Since no one was able to reproduce this issue anymore, it might be related to
> outdated caches?
>
> Upstream advisory:
> http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5
Arches, please test and mark stable dev-db/phpmyadmin-2.11.1.1 Target keywords are: "alpha amd64 hppa ppc ppc64 sparc x86"
ppc64 stable
Stable for HPPA.
Finally stable on x86 ;)
phpmyadmin managed to release a second sec fix. So forget about 2.11.1.1 and move to 2.11.1.2 (bug #196237). Removing all arches that need to mark 2.11.1.2 stable and webapps here. Leaving open for security since I don't know if there is anything left you still have to do.
non-persistent XSS. Only vulnerable with IE6 and not in its default conf. I vote noglsa.
Voting NO. This one should be closed as soon as alpha and sparc stable 2.11.1.2
This one can be closed now as well.