Summary: | dev-db/phpmyadmin: 2.6.0-pl2 released with security fix | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matthias Geerdsen (RETIRED) <vorlon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | twp |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://sourceforge.net/forum/forum.php?forum_id=414281 | ||
Whiteboard: | B1 [glsa] koon | ||
Package list: | Runtime testing required: | --- |
Description
Matthias Geerdsen (RETIRED)
2004-10-13 09:25:42 UTC
OK, 2.6.0-pl2 in CVS, 2.6.0 removed. Not heavily tested. I'll close the bug in a couple of days unless there are reported problems. Tom: please don't close the bug, we've still security work to do on it. It's unclear if the vulnerability affects all phpmyadmin versions or just the 2.6.0 series. Could you look into it ? The stable keywords need is not the same in each case... according to http://www.heise.de/security/news/meldung/52132 (german) all versions since 2.5 are affected, since the transformation system (http://www.phpmyadmin.net/documentation/#transformations) has been implemented there for the first time OK, then we need to keyword it stable as in 2.5.7_p1. Arches, please test and mark dev-db/phpmyadmin-2.6.0_p2 stable stable on ppc Stable on hppa. Stable on sparc Stable on alpha. GLSA drafted, blocked by amd64 missing keyword. stable on amd64. GLSA 200410-14 |