oss-sec mailing list archives

Re: CVE Request: phpMyAdmin

From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 12 Jan 2010 19:53:44 -0500 (EST)


On Mon, 11 Jan 2010, Ludwig Nussel wrote:

Hi,

phpMyAdmin 2.11.10 was released with security fixes according to the
changelog:
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_10/phpMyAdmin/ChangeLog?revision=13152&view=markup

unserialize fix:
http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149


Use CVE-2009-4605, to be filled in later

the temporary file issues seem to be from 2008 but were not released
so far:

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536


Use CVE-2008-7251

http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528


Use CVE-2008-7252


- Steve

Current thread:

CVE Request: phpMyAdmin Ludwig Nussel (Jan 11)
- Re: CVE Request: phpMyAdmin Josh Bressers (Jan 11)
- Re: CVE Request: phpMyAdmin Steven M. Christey (Jan 12)