ports/95411: [maintiner] databases/phpmyadmin -- security update to 2.8.0.3
Matthew Seaman
m.seaman at infracaninophile.co.uk
Thu Apr 6 14:20:30 UTC 2006
>Number: 95411
>Category: ports
>Synopsis: [maintiner] databases/phpmyadmin -- security update to 2.8.0.3
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 06 14:20:18 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Matthew Seaman
>Release: FreeBSD 6.1-PRERELEASE i386
>Organization:
Infracaninophile
>Environment:
System: FreeBSD lack-of-gravitas.thebunker.net 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #14: Mon Mar 27 11:18:37 BST 2006 root at lack-of-gravitas.thebunker.net:/usr/obj/usr/src/sys/LACK-OF-GRAVITAS i386
>Description:
The phpMyAdmin project has issued a security advisory and a new version
of phpMyAdmin:
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-1
There is a XSS vulnerability in all previous versions of phpMyAdmin that
support themes.
Changelog is at:
https://sourceforge.net/project/shownotes.php?release_id=407619
>How-To-Repeat:
>Fix:
--- phpmyadmin.diff begins here ---
diff -Nur /usr/ports/databases/phpmyadmin/Makefile phpmyadmin/Makefile
--- /usr/ports/databases/phpmyadmin/Makefile Wed Mar 22 08:18:07 2006
+++ phpmyadmin/Makefile Thu Apr 6 14:55:09 2006
@@ -6,7 +6,7 @@
#
PORTNAME= phpMyAdmin
-DISTVERSION= 2.8.0.2
+DISTVERSION= 2.8.0.3
CATEGORIES= databases www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= phpmyadmin
diff -Nur /usr/ports/databases/phpmyadmin/distinfo phpmyadmin/distinfo
--- /usr/ports/databases/phpmyadmin/distinfo Tue Mar 21 09:49:01 2006
+++ phpmyadmin/distinfo Thu Apr 6 14:55:33 2006
@@ -1,3 +1,3 @@
-MD5 (phpMyAdmin-2.8.0.2.tar.bz2) = 9c948b20af568304cbb8ff58c322058b
-SHA256 (phpMyAdmin-2.8.0.2.tar.bz2) = 0973b40a42cff88a167d643f025551756ab364c0bffe3cc47365f4799e473724
-SIZE (phpMyAdmin-2.8.0.2.tar.bz2) = 2010290
+MD5 (phpMyAdmin-2.8.0.3.tar.bz2) = 87ee2e17c9381e969c8f740242220e29
+SHA256 (phpMyAdmin-2.8.0.3.tar.bz2) = 89a15217b9b090ec01e1a4b90c90b2df2ac6b6e192c64385c816d33cc7efaff0
+SIZE (phpMyAdmin-2.8.0.3.tar.bz2) = 2011518
--- phpmyadmin.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list