ports/74111: [Maintainer] databases/phpmyadmin -- Security update to 2.6.0-pl3 to fix XSS problems
Matthew Seaman
m.seaman at infracaninophile.co.uk
Fri Nov 19 10:20:20 UTC 2004
>Number: 74111
>Category: ports
>Synopsis: [Maintainer] databases/phpmyadmin -- Security update to 2.6.0-pl3 to fix XSS problems
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri Nov 19 10:20:19 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Matthew Seaman
>Release: FreeBSD 4.10-STABLE i386
>Organization:
Infracaninophile
>Environment:
System: FreeBSD happy-idiot-talk.infracaninophile.co.uk 4.10-STABLE FreeBSD 4.10-STABLE #88: Sun Nov 14 16:39:39 GMT 2004 root at happy-idiot-talk.infracaninophile.co.uk:/usr/obj/usr/src/sys/HAPPY-IDIOT-TALK i386
>Description:
Update to phpMyAdmin-2.6.0-pl3
This is a security fix to close some XSS holes. See:
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-3
Also sneak in a very minor cosmetic fix to pkg-message
>How-To-Repeat:
>Fix:
--- phpmyadmin.diff begins here ---
diff -Nur /usr/ports/databases/phpmyadmin/Makefile phpmyadmin/Makefile
--- /usr/ports/databases/phpmyadmin/Makefile Sat Oct 23 11:43:46 2004
+++ phpmyadmin/Makefile Fri Nov 19 09:36:08 2004
@@ -6,7 +6,7 @@
#
PORTNAME= phpMyAdmin
-PORTVERSION= 2.6.0.2
+PORTVERSION= 2.6.0.3
CATEGORIES= databases www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= phpmyadmin
diff -Nur /usr/ports/databases/phpmyadmin/distinfo phpmyadmin/distinfo
--- /usr/ports/databases/phpmyadmin/distinfo Sat Oct 23 11:43:46 2004
+++ phpmyadmin/distinfo Fri Nov 19 09:37:07 2004
@@ -1,2 +1,2 @@
-MD5 (phpMyAdmin-2.6.0-pl2.tar.bz2) = f9000262ce736ec21369e1be1522ea0d
-SIZE (phpMyAdmin-2.6.0-pl2.tar.bz2) = 1278267
+MD5 (phpMyAdmin-2.6.0-pl3.tar.bz2) = 9580c5da497af4ff9ff3af7fa6e2793c
+SIZE (phpMyAdmin-2.6.0-pl3.tar.bz2) = 1279183
diff -Nur /usr/ports/databases/phpmyadmin/pkg-message phpmyadmin/pkg-message
--- /usr/ports/databases/phpmyadmin/pkg-message Thu May 20 17:29:49 2004
+++ phpmyadmin/pkg-message Fri Nov 19 10:12:44 2004
@@ -9,3 +9,4 @@
that you add the following to httpd.conf:
Alias /phpmyadmin/ "%%PREFIX%%/%%MYADMDIR%%/"
+
--- phpmyadmin.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list