aboutsummaryrefslogtreecommitdiffstats
path: root/community/phpmyadmin
Commit message (Collapse)AuthorAgeFilesLines
* community/phpmyadmin: mistake fixed in secfixes infoSergey Lukin2016-12-301-2/+1
|
* community/phpmyadmin: security upgrade to 4.6.5.2 - fixes #6595Sergey Lukin2016-12-291-4/+28
| | | | | | | | | | | | | | | | | | | | | | | CVE-2016-9847: Unsafe generation of blowfish secret CVE-2016-9848: phpinfo information leak value of sensitive (HttpOnly) cookies CVE-2016-9849: Username deny rules bypass (AllowRoot & Others) by using Null Byte CVE-2016-9850: Username rule matching issues CVE-2016-9851: With a crafted request parameter value it is possible to bypass the logout timeout. CVE-2016-9852 CVE-2016-9853 CVE-2016-9854 CVE-2016-9855: Multiple full path disclosure vulnerabilities CVE-2016-9856 CVE-2016-9857: Multiple XSS vulnerabilities CVE-2016-9858 CVE-2016-9859 CVE-2016-9860: We consider these vulnerabilities to be of moderate severity. CVE-2016-9861: Bypass white-list protection for URL redirection CVE-2016-9862: BBCode injection vulnerability CVE-2016-9863: DOS vulnerability in table partitioning CVE-2016-9864: Multiple SQL injection vulnerabilities CVE-2016-9865: Incorrect serialized string parsing CVE-2016-9866: CSRF token not stripped from the URL Jumping through 3 versions: 4.6.5, 4.6.5.1, 4.6.5.2 These upgrades does not contain major changes: https://www.phpmyadmin.net/news/2016/11/25/phpmyadmin-401018-44159-and-465-are-released/ https://www.phpmyadmin.net/news/2016/11/26/phpmyadmin-4651-released/ https://www.phpmyadmin.net/news/2016/12/5/phpmyadmin-4652-released/
* community/phpmyadmin: move form mainNatanael Copa2016-09-233-0/+106
We don't want maintain this for more than 6 months due to the amount of security issues.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 11:16:21 +0000