ports/154695: Update databases/phpmyadmin to 3.3.9.2

Doug Barton dougb at FreeBSD.org
Fri Feb 11 20:10:10 UTC 2011 

>Number:         154695
>Category:       ports
>Synopsis:       Update databases/phpmyadmin to 3.3.9.2
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 11 20:10:09 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Doug Barton
>Release:        FreeBSD 8.1-STABLE i386
>Organization:
AAAG
>Environment:
	DNA
>Description:
	3.3.9.2 is a security release to fix the following problem:
	http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php

	Announcement-ID: PMASA-2011-2
	Date: 2011-02-11

	Summary
	SQL query could be executed under another user.

	Description
	It was possible to create a bookmark which would be executed
	unintentionally by other users.

	Severity
	We consider this vulnerability to be critical. 
>How-To-Repeat:
	DNA
>Fix:
	Apply the following patch:

Index: Makefile
===================================================================
RCS file: /home/pcvs/ports/databases/phpmyadmin/Makefile,v
retrieving revision 1.130
diff -u -r1.130 Makefile
--- Makefile	9 Feb 2011 14:28:26 -0000	1.130
+++ Makefile	11 Feb 2011 20:04:51 -0000
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	phpMyAdmin
-DISTVERSION=	3.3.9.1
+DISTVERSION=	3.3.9.2
 CATEGORIES=	databases www
 MASTER_SITES=	SF/${PORTNAME:L}/${PORTNAME}/${PORTVERSION}
 DISTNAME=	${PORTNAME}-${DISTVERSION}-all-languages
Index: distinfo
===================================================================
RCS file: /home/pcvs/ports/databases/phpmyadmin/distinfo,v
retrieving revision 1.108
diff -u -r1.108 distinfo
--- distinfo	9 Feb 2011 14:28:26 -0000	1.108
+++ distinfo	11 Feb 2011 20:04:51 -0000
@@ -1,2 +1,2 @@
-SHA256 (phpMyAdmin-3.3.9.1-all-languages.tar.bz2) = 6836d4dd731bcb6dd2b7b5f7e1cb29522af7bc3d02e424a439a1e377cf5c2518
-SIZE (phpMyAdmin-3.3.9.1-all-languages.tar.bz2) = 3675666
+SHA256 (phpMyAdmin-3.3.9.2-all-languages.tar.bz2) = ef66b764daffb16417d3d7b448b358a9548b004c9af03341107f167902a27a99
+SIZE (phpMyAdmin-3.3.9.2-all-languages.tar.bz2) = 3676120

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list