CVE-2018-7260 (https://nvd.nist.gov/vuln/detail/CVE-2018-7260): A self-cross site scripting (XSS) in phpMyaAdmin prior 4.7.8 has been found in the central columns feature.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/dev/jmbsvicetto.git/commit/?id=73b92f19276632457cf75055da1e0bc58ee4912c commit 73b92f19276632457cf75055da1e0bc58ee4912c Author: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> AuthorDate: 2018-02-20 20:41:33 +0000 Commit: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> CommitDate: 2018-02-20 20:41:33 +0000 dev-db/phpmyadmin: Security bump to address PMASA-2018-1 (CVE-2018-7260). Bug: https://bugs.gentoo.org/648330 Signed-off-by: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> dev-db/phpmyadmin/Manifest | 1 + dev-db/phpmyadmin/phpmyadmin-4.7.8.ebuild | 61 +++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+)}
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e5d2d30f1cbd1b05e3f0690a9198cd6f348e316d commit e5d2d30f1cbd1b05e3f0690a9198cd6f348e316d Author: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> AuthorDate: 2018-02-20 21:15:56 +0000 Commit: Jorge Manuel B. S. Vicetto (jmbsvicetto) <jmbsvicetto@gentoo.org> CommitDate: 2018-02-20 21:15:56 +0000 dev-db/phpmyadmin: Security bump to address PMASA-2018-1 (CVE-2018-7260). Bug: https://bugs.gentoo.org/648330 Package-Manager: Portage-2.3.19, Repoman-2.3.6 dev-db/phpmyadmin/Manifest | 1 + dev-db/phpmyadmin/phpmyadmin-4.7.8.ebuild | 61 +++++++++++++++++++++++++++++++ 2 files changed, 62 insertions(+)}
@Arches please test and mark stable
amd64 stable
x86 stable
Stable on alpha.
ppc64 stable
hppa stable keywords dropped
sparc done.
Looking good on ppc. # cat phpmyadmin-648330.report USE tests started on Mo 8. Okt 00:17:14 CEST 2018 FEATURES=' test' USE='' succeeded for =dev-db/phpmyadmin-4.7.8 USE='-setup -vhosts' succeeded for =dev-db/phpmyadmin-4.7.8 USE='setup -vhosts' succeeded for =dev-db/phpmyadmin-4.7.8 USE='-setup vhosts' succeeded for =dev-db/phpmyadmin-4.7.8 USE='setup vhosts' succeeded for =dev-db/phpmyadmin-4.7.8