phpMyAdmin: Administration of MySQL over the web
----------------------------------------------------------------------
File: phpMyAdmin-2.9.1.1-9.noarch.rpm
Patchrpm: phpMyAdmin-2.9.1.1-9.noarch.patch.rpm
Version: 2.9.1.1-9
Size: 2088 kB
Patchsize: 131 kB
Date: Fri 14 Nov 2008 16:33:7 CET
Source: phpMyAdmin-2.9.1.1-9.src.rpm
Security: Yes
----------------------------------------------------------------------
Description: This update of phpMyAdmin fixes the following bugs:
- CVE-2008-1149: SQL injection, CSRF attacks using crafted cookies
- CVE-2008-1567: local users can steal session information/credentials
- CVE-2008-1924: in a shared host environment users with CREAT permissions can read arbitrary files
- CVE-2008-3456: cross-site framing attack
- CVE-2008-3457: user-assisted XSS attack