kunkku/aports - kunkku's aports repo

	Commit message (Collapse)	Author	Age	Files	Lines
*	community/phpmyadmin: upgrade to 4.6.6	Natanael Copa	2017-01-27	1	-4/+4
\|
*	community/phpmyadmin: mistake fixed in secfixes info	Sergey Lukin	2016-12-30	1	-2/+1
\|
*	community/phpmyadmin: security upgrade to 4.6.5.2 - fixes #6594	Sergey Lukin	2016-12-30	1	-4/+28
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	CVE-2016-9847: Unsafe generation of blowfish secret CVE-2016-9848: phpinfo information leak value of sensitive (HttpOnly) cookies CVE-2016-9849: Username deny rules bypass (AllowRoot & Others) by using Null Byte CVE-2016-9850: Username rule matching issues CVE-2016-9851: With a crafted request parameter value it is possible to bypass the logout timeout. CVE-2016-9852 CVE-2016-9853 CVE-2016-9854 CVE-2016-9855: Multiple full path disclosure vulnerabilities CVE-2016-9856 CVE-2016-9857: Multiple XSS vulnerabilities CVE-2016-9858 CVE-2016-9859 CVE-2016-9860: We consider these vulnerabilities to be of moderate severity. CVE-2016-9861: Bypass white-list protection for URL redirection CVE-2016-9862: BBCode injection vulnerability CVE-2016-9863: DOS vulnerability in table partitioning CVE-2016-9864: Multiple SQL injection vulnerabilities CVE-2016-9865: Incorrect serialized string parsing CVE-2016-9866: CSRF token not stripped from the URL
*	community/phpmyadmin: move form main	Natanael Copa	2016-09-23	3	-0/+106
	We don't want maintain this for more than 6 months due to the amount of security issues.