Date: Thu, 22 Dec 2011 11:01:28 GMT From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: FreeBSD-gnats-submit@FreeBSD.org Cc: secteam@FreeBSD.org Subject: ports/163528: [maintainer] databases/phpmyadmin -- security update to 3.4.9 Message-ID: <201112221101.pBMB1SxL001056@lucid-nonsense.infracaninophile.co.uk> Resent-Message-ID: <201112221110.pBMBA8oa029603@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 163528 >Category: ports >Synopsis: [maintainer] databases/phpmyadmin -- security update to 3.4.9 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Thu Dec 22 11:10:07 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Matthew Seaman >Release: FreeBSD 8.2-STABLE amd64 >Organization: Infracaninophile >Environment: System: FreeBSD lucid-nonsense.infracaninophile.co.uk 8.2-STABLE FreeBSD 8.2-STABLE #24 r227991: Sat Nov 26 13:33:22 GMT 2011 root@lucid-nonsense.infracaninophile.co.uk:/usr/obj/usr/src/sys/LUCID-NONSENSE amd64 >Description: Hopefully for the last time this year: This is the formal release of the fix for these securty vulnerabilities. However the code is identical to the quick-reaction patches in 3.4.9-rc1 other than updating the version number. Security advisories have now been published: http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php CVE Numbers: CVE-2011-4782 CVE-2011-4780 Release Notes: Welcome to phpMyAdmin 3.4.9, a bugfix release with minor security corrections. 3.4.9.0 (2011-12-21) - bug #3442028 [edit] Inline editing enum fields with null shows no dropdown - bug #3442004 [interface] DB suggestion not correct for user with underscore - bug #3438420 [core] Magic quotes removed in PHP 5.4 - bug #3398788 [session] No feedback when result is empty (signon auth_type) - bug #3384035 [display] Problems regarding ShowTooltipAliasTB - bug #3306875 [edit] Can't rename a database that contains views - bug #3452506 [edit] Unable to move tables with triggers - bug #3449659 [navi] Fast filter broken with table tree - bug #3448485 [GUI] Firefox favicon frameset regression - [core] Better compatibility with mysql extension - [security] Self-XSS on export options (export server/database/table), see PMASA-2011-20 - [security] Self-XSS in setup (host parameter), see PMASA-2011-19 http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.4.9%2FphpMyAdmin-3.4.9-notes.html/view >How-To-Repeat: >Fix: --- phpmyadmin.diff begins here --- Index: Makefile =================================================================== RCS file: /home/ncvs/ports/databases/phpmyadmin/Makefile,v retrieving revision 1.150 diff -u -u -r1.150 Makefile --- Makefile 16 Dec 2011 01:43:54 -0000 1.150 +++ Makefile 22 Dec 2011 10:25:43 -0000 @@ -6,7 +6,7 @@ # PORTNAME= phpMyAdmin -DISTVERSION= 3.4.9-rc1 +DISTVERSION= 3.4.9 CATEGORIES= databases www MASTER_SITES= SF/${PORTNAME:L}/${PORTNAME}/${DISTVERSION} DISTNAME= ${PORTNAME}-${DISTVERSION}-all-languages Index: distinfo =================================================================== RCS file: /home/ncvs/ports/databases/phpmyadmin/distinfo,v retrieving revision 1.126 diff -u -u -r1.126 distinfo --- distinfo 16 Dec 2011 01:43:54 -0000 1.126 +++ distinfo 22 Dec 2011 10:25:43 -0000 @@ -1,2 +1,2 @@ -SHA256 (phpMyAdmin-3.4.9-rc1-all-languages.tar.xz) = c005a3880f38e9d20809b2592b5fe108d11fc56bdf4cf666db5e07447ae40096 -SIZE (phpMyAdmin-3.4.9-rc1-all-languages.tar.xz) = 3639524 \ No newline at end of file +SHA256 (phpMyAdmin-3.4.9-all-languages.tar.xz) = b7bceab1d9a6a8d2658e9739f848248faa8aefd945c9f5b33522a00b201363ba +SIZE (phpMyAdmin-3.4.9-all-languages.tar.xz) = 3640512 --- phpmyadmin.diff ends here --- --- vuxml.diff begins here --- Index: vuln.xml =================================================================== RCS file: /home/ncvs/ports/security/vuxml/vuln.xml,v retrieving revision 1.2522 diff -u -u -r1.2522 vuln.xml --- vuln.xml 21 Dec 2011 12:40:43 -0000 1.2522 +++ vuln.xml 22 Dec 2011 10:38:36 -0000 @@ -47,6 +47,42 @@ --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="8d2274e1-2c87-11e1-b2a3-e0cb4e266481"> + <topic>phpMyAdmin -- Two XSS vulnerabilities</topic> + <affects> + <package> + <name>phpMyAdmin</name> + <range><gt>3.4</gt><lt>3.4.9.r1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The phpMyAdmin development team reports:</p> + <blockquote cite="http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php"> + <p>Crafted values entered in the setup interface can produce + XSS; also, if the config directory exists and is writeable, + the XSS payload can be saved to this directory.</p> + </blockquote> + + <blockquote cite="http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php"> + <p>Using crafted url parameters, it was possible to produce + XSS on the export panels in the server, database and table + sections.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2011-4782</cvename> + <cvename>CVE-2011-4780</cvename> + <url>http://www.phpmyadmin.net/home_page/security/PMASA-2011-19.php</url> + <url>http://www.phpmyadmin.net/home_page/security/PMASA-2011-20.php</url> + </references> + <dates> + <discovery>2011-12-14</discovery> + <entry>2011-12-22</entry> + </dates> + </vuln> + <vuln vid="e3ff776b-2ba6-11e1-93c6-0011856a6e37"> <topic>mozilla -- multiple vulnerabilities</topic> <affects> --- vuxml.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201112221101.pBMB1SxL001056>