95411 – [maintiner] databases/phpmyadmin -- security update to 2.8.0.3

Bug 95411 - [maintiner] databases/phpmyadmin -- security update to 2.8.0.3

Summary: [maintiner] databases/phpmyadmin -- security update to 2.8.0.3

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	freebsd-ports-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-04-06 15:20 UTC by Matthew Seaman
Modified:	2006-04-07 11:50 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
phpmyadmin.diff (1019 bytes, patch) 2006-04-06 15:20 UTC, Matthew Seaman	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthew Seaman 2006-04-06 15:20:18 UTC

The phpMyAdmin project has issued a security advisory and a new version
of phpMyAdmin:

    http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-1

There is a XSS vulnerability in all previous versions of phpMyAdmin that
support themes.

Changelog is at:

    https://sourceforge.net/project/shownotes.php?release_id=407619

Comment 1 Marcus Alves Grando freebsd_committer

2006-04-06 17:44:09 UTC

State Changed
From-To: open->closed

Committed. Thanks!

Comment 2 bryan 2006-04-07 11:47:04 UTC

I haven't been able to get this version or 2.8.0.2 to work.   
Consistently get errors of phpMyAdmin trying to login with password =  
no, even though I am using the "http" auth_type. I had 2.7.0-pl2  
working fine with the same config.inc.php file. Problem seems to be  
something other than the config.inc.php file. Just wondering if any  
other reports of problems like this.

Bryan