Summary: | <dev-db/phpmyadmin-{4.0.10.20,4.7.0}: Bypass $cfg['Servers'][$i]['AllowNoPassword'] | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | glsamaker, jmbsvicetto, web-apps |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.phpmyadmin.net/security/PMASA-2017-8/ | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=606824 | ||
Whiteboard: | B3 [glsa] | ||
Package list: |
=dev-db/phpmyadmin-4.0.10.20
=dev-db/phpmyadmin-4.7.0
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-04-02 17:24:27 UTC
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8fb4492ee897c4e02d9f5e1928f3176d99530e68 requested keywords: alpha amd64 hppa ppc ppc64 sparc x86 Please add keywords to: =dev-db/phpmyadmin-4.0.10.20 =dev-db/phpmyadmin-4.7.0 Stable on alpha. amd64 stable Stable for HPPA. x86 stable ppc ppc64 stable. sparc stable. Maintainer(s), please cleanup. Security, please vote. (In reply to Agostino Sarubbo from comment #7) > sparc stable. > > Maintainer(s), please cleanup. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f92854492b08d4acf4a1e12cb9087599974406b9 Done. Thanks to all arch teams for their work. Arches and Maintainer(s), Thank you for your work. GLSA Vote: Yes New GLSA Request filed. Sent an Email upstream to find out about CVE ID for bug, if not will assist in assigning. This issue was resolved and addressed in GLSA 201707-03 at https://security.gentoo.org/glsa/201707-03 by GLSA coordinator Thomas Deutschmann (whissi). *** Bug 635212 has been marked as a duplicate of this bug. *** |