"Welcome to these two security releases." This is security fix, please bump without huge delay;) Reproducible: Always
This appears to be due to http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php.
There is another security release this one a little bit more serious: http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php Announcement-ID: PMASA-2011-2 SQL query could be executed under another user. Description It was possible to create a bookmark which would be executed unintentionally by other users. Severity We consider this vulnerability to be critical. Mitigation factor To use this vulnerability, phpMyAdmin configuration storage needs to be set up and enabled and bookmarks function needs to be enabled. Affected Versions The 2.11.x and 3.3.x versions are affected. Solution Upgrade to phpMyAdmin 3.3.9.2 or newer (2.11.11.3 or newer for the older family) or apply the related patch listed below. References This issue was found by Michal Čihař. Assigned CVE ids: CVE-2011-0987 CWE ids: CWE-661 CWE-89 I would recommend to skip 3.3.9.1 and go direct to 3.3.9.2
Arches, please test and mark stable: =dev-db/phpmyadmin-3.4.0 Target keywords : "alpha amd64 hppa ppc ppc64 sparc x86"
amd64 ok
Works perfect on my VPS. amd64 done. Thanks Agostino
x86 stable. Thanks
Stable for HPPA.
alpha/sparc stable
ppc/ppc64 stable, last arch done
Thanks, everyone. GLSA request filed.
CVE-2011-0987 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0987): The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark. CVE-2011-0986 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0986): phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.
This issue was resolved and addressed in GLSA 201201-01 at http://security.gentoo.org/glsa/glsa-201201-01.xml by GLSA coordinator Tim Sammut (underling).