Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 11 Jan 2010 18:33:07 -0500 (EST)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE Request: phpMyAdmin

Steve,

I'm going to defer this one to you for CVE assignment so you can dish out 2009 and 2008 ids for these.

Thanks.

-- 
    JB


----- "Ludwig Nussel" <ludwig.nussel@...e.de> wrote:

> Hi,
> 
> phpMyAdmin 2.11.10 was released with security fixes according to the
> changelog:
> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_10/phpMyAdmin/ChangeLog?revision=13152&view=markup
> 
> unserialize fix:
> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149
> 
> the temporary file issues seem to be from 2008 but were not released
> so far:
> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
> 
> cu
> Ludwig
> 
> -- 
>  (o_   Ludwig Nussel
>  //\   
>  V_/_  http://www.suse.de/
> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.