Bug 15437

Summary: phpmyadmin new security issue CVE-2015-2206
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/636947/
Whiteboard:
Source RPM: phpmyadmin-4.2.13.1-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2015-03-05 21:10:31 CET 
Upstream has issued an advisory on March 4:
http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php

Strangely, phpMyAdmin 4.1 is unaffected, while 4.0 is.  I have verified this in the code.  Therefore, Mageia 4 is unaffected.

Updated package committed in Cauldron SVN.  Freeze push requested.

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2015-03-05 21:41:00 CET 
Fixed in phpmyadmin-4.2.13.2-1.mga5.

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2015-03-16 20:33:08 CET

URL: (none) => http://lwn.net/Vulnerabilities/636947/