Upstream has issued advisories on November 20: http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php The issues are fixed in 4.1.14.7 and 4.2.12. Freeze push requested for Cauldron. Updated packages uploaded for Mageia 3 and Mageia 4. Advisory: ======================== Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.1.14.7, with a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page, with a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoom search pages, and with a crafted value for font size it is possible to trigger an XSS attack in the home page (CVE-2014-8958). In phpMyAdmin before 4.1.14.7, in the GIS editor feature, a parameter specifying the geometry type was not correcly validated, opening the door to a local file inclusion attack (CVE-2014-8959). In phpMyAdmin before 4.1.14.7, with a crafted file name it is possible to trigger an XSS in the error reporting page (CVE-2014-8960). In phpMyAdmin before 4.1.14.7, in the error reporting feature, a parameter specifying the file was not correctly validated, allowing the attacker to derive the line count of an arbitrary file (CVE-2014-8961). References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8959 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8960 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8961 http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php ======================== Updated packages in core/updates_testing: ======================== phpmyadmin-4.1.14.7-1.mga3 phpmyadmin-4.1.14.7-1.mga4 from SRPMS: phpmyadmin-4.1.14.7-1.mga3.src.rpm phpmyadmin-4.1.14.7-1.mga4.src.rpm Reproducible: Steps to Reproduce:
Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=12834#c7 https://bugs.mageia.org/show_bug.cgi?id=14208#c6
Whiteboard: (none) => MGA3TOO has_procedure
Testing on Mageia3-64 real HW Current package : --------------- # rpm -q phpmyadmin phpmyadmin-4.1.14.6-1.mga3 Followed procedure mentionned in comment 1 All ok Updated to testing package -------------------------- # rpm -q phpmyadmin phpmyadmin-4.1.14.7-1.mga3 phpmyadmin first page states : Version : 4.1.14.7, dernière version stable : 4.2.12 Followed same procedure. All OK.
CC: (none) => olchalWhiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure MGA3-64-OK
Testing on Mageia4-64 real HW, following procedures mentionned in comment 1 First with current package : # rpm -q phpmyadmin phpmyadmin-4.1.14.6-1.mga4 Then with updated testing package : - phpmyadmin-4.1.14.7-1.mga4.noarch On first page of http://localhost/phpmyadmin Version information: 4.1.14.7, latest stable version: 4.2.12. All OK
Whiteboard: MGA3TOO has_procedure MGA3-64-OK => MGA3TOO has_procedure MGA3-64-OK MGA4-64-OK
Validating for inclusion in mga3. Advisory uploaded. Please push to updates
Keywords: (none) => validated_updateWhiteboard: MGA3TOO has_procedure MGA3-64-OK MGA4-64-OK => MGA3TOO has_procedure advisory MGA3-64-OK MGA4-64-OKCC: (none) => sysadmin-bugs
URL: (none) => http://lwn.net/Vulnerabilities/623206/
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2014-0495.html
Status: NEW => RESOLVEDResolution: (none) => FIXED