Description: "phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page."
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d702e013bdd2e04a3f78e09c7b198d24b7e8e4ad commit d702e013bdd2e04a3f78e09c7b198d24b7e8e4ad Author: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> AuthorDate: 2020-04-15 23:55:49 +0000 Commit: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> CommitDate: 2020-04-15 23:56:15 +0000 dev-db/phpmyadmin: Drop vulnerable release. Bug: https://bugs.gentoo.org/714014 Bug: https://bugs.gentoo.org/715660 Bug: https://bugs.gentoo.org/717630 Package-Manager: Portage-2.3.96, Repoman-2.3.22 Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> dev-db/phpmyadmin/Manifest | 1 - dev-db/phpmyadmin/phpmyadmin-4.9.2.ebuild | 61 ------------------------------- 2 files changed, 62 deletions(-)
All done, thanks!