| Summary: | phpmyadmin new security issues fixed upstream in 4.4.15.7 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | davidwhodgins, sysadmin-bugs, wilcal.int |
| Version: | 5 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/692853/ | ||
| Whiteboard: | has_procedure MGA5-32-OK MGA5-64-OK advisory | ||
| Source RPM: | phpmyadmin-4.4.15.6-1.mga5.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2016-06-23 15:44:06 CEST
Actually PMASA-2016-27 only affects you if you're using an ancient PHP version. Updated packages uploaded for Mageia 5 and Cauldron. Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=12834#c7 https://bugs.mageia.org/show_bug.cgi?id=14208#c6 Advisory: ======================== Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.4.15.7, a vulnerability was discovered that allows a BBCode injection to setup script in case it's not accessed on https (CVE-2016-5701). In phpMyAdmin before 4.4.15.7, a vulnerability was discovered that allows an SQL injection attack to run arbitrary commands as the control user (CVE-2016-5703). In phpMyAdmin before 4.4.15.7, XSS vulnerabilities were discovered in the user privileges page, the error console, and the central columns, query bookmarks, and user groups features (CVE-2016-5705). In phpMyAdmin before 4.4.15.7, a Denial Of Service (DOS) attack was discovered in the way phpMyAdmin loads some JavaScript files (CVE-2016-5706). In phpMyAdmin before 4.4.15.7, by specially crafting requests in the following areas, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed (CVE-2016-5730). In phpMyAdmin before 4.4.15.7, with a specially crafted request, it is possible to trigger an XSS attack through the example OpenID authentication script (CVE-2016-5731). In phpMyAdmin before 4.4.15.7, XSS vulnerabilities were found through specially crafted databases, in AJAX error handling, and in the Transformation, Designer, charts, and zoom search features (CVE-2016-5733). In phpMyAdmin before 4.4.15.7, a vulnerability was reported where a specially crafted Transformation could be used to leak information including the authentication token. This could be used to direct a CSRF attack against a user (CVE-2016-5739). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5701 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5705 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5706 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5730 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5731 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5733 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5739 https://www.phpmyadmin.net/security/PMASA-2016-17/ https://www.phpmyadmin.net/security/PMASA-2016-19/ https://www.phpmyadmin.net/security/PMASA-2016-21/ https://www.phpmyadmin.net/security/PMASA-2016-22/ https://www.phpmyadmin.net/security/PMASA-2016-23/ https://www.phpmyadmin.net/security/PMASA-2016-24/ https://www.phpmyadmin.net/security/PMASA-2016-26/ https://www.phpmyadmin.net/security/PMASA-2016-28/ https://www.phpmyadmin.net/news/2016/6/23/phpmyadmin-401016-44157-and-463-are-released/ ======================== Updated packages in core/updates_testing: ======================== phpmyadmin-4.4.15.7-1.mga5 from phpmyadmin-4.4.15.7-1.mga5.src.rpm Assignee:
bugsquad =>
qa-bugs In VirtualBox, M5, KDE, 32-bit Package(s) under test: mariadb phpmyadmin default install of mariadb & phpmyadmin [root@localhost wilcal]# urpmi mariadb Package mariadb-10.0.25-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi phpmyadmin Package phpmyadmin-4.4.15.6-1.mga5.noarch is already installed start mysqladmin, set password to "mytest" open http://localhost/phpmyadmin/ create new database called test01. Close browser. Successfully reopen: http://localhost/phpmyadmin/ install phpmyadmin from updates_testing [root@localhost wilcal]# urpmi mariadb Package mariadb-10.0.25-1.mga5.i586 is already installed [root@localhost wilcal]# urpmi phpmyadmin Package phpmyadmin-4.4.15.7-1.mga5.noarch is already installed open http://localhost/phpmyadmin/ create new database called test02. Close browser. Successfully reopen: http://localhost/phpmyadmin/ I can access db's test01 & test02 CC:
(none) =>
wilcal.int In VirtualBox, M5, KDE, 64-bit Package(s) under test: mariadb phpmyadmin default install of mariadb & phpmyadmin [root@localhost wilcal]# urpmi mariadb Package mariadb-10.0.25-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi phpmyadmin Package phpmyadmin-4.4.15.6-1.mga5.noarch is already installe start mysqladmin, set password to "mytest" open http://localhost/phpmyadmin/ create new database called test01. Close browser. Successfully reopen: http://localhost/phpmyadmin/ install phpmyadmin from updates_testing [root@localhost wilcal]# urpmi mariadb Package mariadb-10.0.25-1.mga5.x86_64 is already installed [root@localhost wilcal]# urpmi phpmyadmin Package phpmyadmin-4.4.15.7-1.mga5.noarch is already installed open http://localhost/phpmyadmin/ create new database called test02. Close browser. Successfully reopen: http://localhost/phpmyadmin/ I can access db's test01 & test02 Good to go David. This update works fine. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks Keywords:
(none) =>
validated_update
David Walser
2016-06-28 00:16:14 CEST
URL:
(none) =>
http://lwn.net/Vulnerabilities/692853/
Dave Hodgins
2016-07-04 08:43:04 CEST
CC:
(none) =>
davidwhodgins An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0240.html Status:
NEW =>
RESOLVED |