Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 30 Jul 2013 17:39:31 +0200
From: Dieter Adriaenssens <dieter.adriaenssens@...il.com>
To: Jan Lieskovsky <jlieskov@...hat.com>
CC: cve-assign@...re.org, oss-security@...ts.openwall.com, 
 security@...myadmin.net
Subject: Re: [Phpmyadmin-security] Re: CVE Request -- phpMyAdmin
 3.5.8.2 and 4.0.4.2 are released

Hi,

Thanks for the CVE IDs.

On 2013-07-30 11:39, Jan Lieskovsky wrote:
>>>> * http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php
> 
> Use CVE-2013-4995.
> 
> As far as we can tell, this should be the only CVE needed for
> PMASA-2013-8; however, this link gives us a 404 error:
> 
>   "The following commits have been made on the 3.5 branch to
>   fix this issue: 51f343b91908d1b1bacaebe6db87c3d7aa522581"
> 
>> The proper link wrt to PMASA-2013-8 fix in phpMyAdmin v3.5.x seems to be
>> the following:
>>   https://github.com/phpmyadmin/phpmyadmin/commit/01d35b3558e47fba947719857bd71f6fd9e5dce8

The link to the fix for phpMyAdmin 3.5.x was updated in PMASA-2013-8.

Thanks for noticing.

Kind regards,

Dieter Adriaenssens
for the phpMyAdmin security team


Download attachment "signature.asc" of type "application/pgp-signature" (900 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.