| Summary: | GLSA #200504-30 - marks the newest phpmyadmin affected after fixing | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | -:Szab100:- <szab100> |
| Component: | GLSA Errors | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | ||
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
Did you remember to unmerge the old version? (equery list phpmyadmin) :) sorry, that was the problem.. |
There's a bug in phpmyadmin that creates the pma user with insecure password, the #200504-30 describes this.. But after the password has been changed, the glsa-check still shows affected. #glsa-check -d 200504-30 Vulnerable: <2.6.2-r1 Unaffected: >=2.6.2-r1 I've installed 2.6.2-r1 and it's still marked with the red "[N]" * dev-db/phpmyadmin Latest version available: 2.6.2-r1 Latest version installed: 2.6.2-r1 Reproducible: Always Steps to Reproduce: 1. 2. 3.