CVE-2009-4605 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4605): scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors.
Hi webapps, please provide an updated newbuild.
Bumped on behalf of security. Arches, please test and mark stable: =dev-db/phpmyadmin-2.11.10 Target keywords : "alpha amd64 hppa ppc ppc64 sparc x86"
x86 stable, I am back.
Stable for HPPA.
alpha/sparc stable
amd64 stable
Marked ppc/ppc64 stable.
Vote: no!
NO too, closing.