A point release to close a code execution vulnerability. This bug allows a remote user logged in to the phpmyadmin web application to run arbitrary shell commands with the credentials of the web server. Not much more information is available yet: phpMyAdmin release notes: https://sourceforge.net/project/shownotes.php?release_id=626450 http://www.phpmyadmin.net/home_page/downloads.php?relnotes=1 Security Advisory: http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-7 Other Links: http://fd.the-wildcat.de/pma_e36a091q11.php
Responsible Changed From-To: freebsd-ports-bugs->miwi I'll take it.
miwi 2008-09-17 09:28:53 UTC FreeBSD ports repository Modified files: databases/phpmyadmin Makefile distinfo Log: - Update to 2.11.9.1 Security Update: A point release to close a code execution vulnerability. This bug allows a remote user logged in to the phpmyadmin web application to run arbitrary shell commands with the credentials of the web server. PR: 127417 Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer) Approved by: portmgr (pav) Security: http://www.vuxml.org/freebsd/74bf1594-8493-11dd-bb64-0030843d3802.html Revision Changes Path 1.92 +1 -1 ports/databases/phpmyadmin/Makefile 1.75 +3 -3 ports/databases/phpmyadmin/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!