[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 12 Jan 2010 19:53:44 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security <oss-security@...ts.openwall.com>
Subject: Re: CVE Request: phpMyAdmin
On Mon, 11 Jan 2010, Ludwig Nussel wrote:
> Hi,
>
> phpMyAdmin 2.11.10 was released with security fixes according to the
> changelog:
> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_10/phpMyAdmin/ChangeLog?revision=13152&view=markup
>
> unserialize fix:
> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=13149
Use CVE-2009-4605, to be filled in later
> the temporary file issues seem to be from 2008 but were not released
> so far:
> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
Use CVE-2008-7251
> http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
Use CVE-2008-7252
- Steve
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
