Bug 13573 - phpmyadmin new security issue CVE-2014-4349
Summary: phpmyadmin new security issue CVE-2014-4349
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 4
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/603753/
Whiteboard: MGA3TOO has_procedure advisory mga3-3...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2014-06-22 16:15 CEST by David Walser
Modified: 2014-06-27 18:30 CEST
4 users

See Also:
Source RPM: phpmyadmin-4.1.8-1.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2014-06-22 16:15:56 CEST
Upstream has issued an advisory on June 20:
http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php

The issue is fixed in 4.1.14.1.  We should update Mageia 3 and Mageia 4 to it.

We should also update Cauldron to 4.2.4 to fix that issue and another:
http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php (CVE-2014-4348)

Reproducible: 

Steps to Reproduce:
David Walser 2014-06-22 16:16:15 CEST

CC: (none) => lists.jjorge, oe

David Walser 2014-06-22 16:16:20 CEST

Whiteboard: (none) => MGA4TOO, MGA3TOO

Comment 1 David Walser 2014-06-23 16:14:23 CEST
Updated packages uploaded for Mageia 3, Mageia 4, and Cauldron.

Advisory:
========================

Updated phpmyadmin packages fix security vulnerability:

In phpMyAdmin before 4.1.14, it is possible to trigger an XSS when hiding or
unhiding a crafted table name in the navigation, due to unescaped HTML output
in the navigation items hiding feature.  Note that this vulnerability can only
be triggered by someone who is logged in to phpMyAdmin, as the usual token
protection prevents non-logged-in users from accessing the required form
(CVE-2014-4349).

References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4349
http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php
========================

Updated packages in core/updates_testing:
========================
phpmyadmin-4.1.14.1-1.mga3
phpmyadmin-4.1.14.1-1.mga4

from SRPMS:
phpmyadmin-4.1.14.1-1.mga3.src.rpm
phpmyadmin-4.1.14.1-1.mga4.src.rpm

Version: Cauldron => 4
Assignee: bugsquad => qa-bugs
Whiteboard: MGA4TOO, MGA3TOO => MGA3TOO
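
The bug class described in the advisory above (a table name reaching HTML output without escaping) is illustrated below. This is an added example, not phpMyAdmin's code and not the patch shipped in 4.1.14.1; the endpoint name, parameter names and markup are hypothetical stand-ins for the navigation hide/unhide feature. It shows the unescaped rendering beside the hardened form, and a crude check a packager could adapt when reviewing a backport.

```php
<?php
// Added illustration of CVE-2014-4349's bug class. NOT phpMyAdmin's code:
// the endpoint "nav.php", the parameters and the markup are hypothetical.

declare(strict_types=1);

/**
 * Vulnerable pattern: the table name is interpolated into the navigation
 * markup as-is. A table whose name carries an event handler becomes live
 * markup in the browser of any logged-in user who hides/unhides the item.
 * Only an authenticated user can create the table and reach the form, which
 * is the advisory's "can only be triggered by someone who is logged in".
 */
function renderHideLinkVulnerable(string $db, string $table): string
{
    return '<a href="nav.php?hide=1&item=' . $table . '&db=' . $db . '">'
         . 'Hide ' . $table . '</a>';
}

/**
 * Hardened pattern: each output context gets its own encoder. Query
 * parameters are URL-encoded with http_build_query(); the resulting href and
 * the visible label are then HTML-escaped with ENT_QUOTES so that <, >, &,
 * " and ' cannot terminate an attribute or open a tag.
 */
function renderHideLinkSafe(string $db, string $table): string
{
    $href = 'nav.php?' . http_build_query(['hide' => 1, 'item' => $table, 'db' => $db]);
    return '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '">'
         . 'Hide ' . htmlspecialchars($table, ENT_QUOTES, 'UTF-8') . '</a>';
}

/**
 * Crude review check: does the rendered HTML still contain the raw payload?
 * True means the input reached the page unencoded in at least one context.
 */
function containsRawPayload(string $html, string $payload): bool
{
    return strpos($html, $payload) !== false;
}

// Constructed sample input: under 64 characters and free of '.', '/' and '\',
// so MySQL accepts it as a backtick-quoted identifier.
$payload = '<img src=x onerror=alert(document.cookie)>';

echo renderHideLinkVulnerable('test', $payload), PHP_EOL;
echo renderHideLinkSafe('test', $payload), PHP_EOL;
var_dump(containsRawPayload(renderHideLinkVulnerable('test', $payload), $payload));
var_dump(containsRawPayload(renderHideLinkSafe('test', $payload), $payload));
```

Run it with `php` on the command line; the first rendered link carries the payload verbatim, the second carries only entity-encoded and percent-encoded text. The same two-context rule (URL-encode the query string, then HTML-escape whatever lands in the attribute or element body) is what to look for when checking that a backported fix covers every place the table name is emitted, not just the one named in the advisory.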

Comment 2 claire robinson 2014-06-23 19:53:27 CEST
Procedure: https://bugs.mageia.org/show_bug.cgi?id=12834#c7

Whiteboard: MGA3TOO => MGA3TOO has_procedure

Comment 3 claire robinson 2014-06-24 16:43:26 CEST
Testing complete mga4 64
Comment 4 claire robinson 2014-06-24 17:03:43 CEST
Testing complete mga4 32

Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure mga4-32-ok mga4-64-ok

Comment 5 claire robinson 2014-06-24 17:36:54 CEST
Testing complete mga3 32

Whiteboard: MGA3TOO has_procedure mga4-32-ok mga4-64-ok => MGA3TOO has_procedure mga3-32-ok mga4-32-ok mga4-64-ok

Comment 6 claire robinson 2014-06-24 17:47:22 CEST
Testing complete mga3 64

Whiteboard: MGA3TOO has_procedure mga3-32-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok

Comment 7 claire robinson 2014-06-24 18:01:38 CEST
Validating. Advisory uploaded.

Could sysadmin please push to 3 & 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO has_procedure mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

Comment 8 Thomas Backlund 2014-06-27 17:25:58 CEST
Update pushed:
http://advisories.mageia.org/MGASA-2014-0275.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

David Walser 2014-06-27 18:30:51 CEST

URL: (none) => http://lwn.net/Vulnerabilities/603753/

