Bug 33948 - phpmyadmin: version 5.2.2
Summary: phpmyadmin: version 5.2.2
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2025-01-22 10:10 CET by Marc Krämer
Modified: 2025-01-24 20:46 CET (History)
4 users (show)

See Also:
Source RPM: phpmyadmin
CVE: PMASA-2025-1, PMASA-2025-2, CVE-2023-30536, CVE-2024-2961, PMASA-2025-3
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Marc Krämer 2025-01-22 10:10:14 CET 
Bugfixes, Security relase
https://www.phpmyadmin.net/news/2025/1/21/phpMyAdmin-522-is-released/
Marc Krämer 2025-01-22 10:11:33 CET

CVE: (none) => PMASA-2025-1, CVE-2023-30536, CVE-2024-2961, PMASA-2025-3

Marc Krämer 2025-01-22 10:13:04 CET

CVE: PMASA-2025-1, CVE-2023-30536, CVE-2024-2961, PMASA-2025-3 => PMASA-2025-1, PMASA-2025-2, CVE-2023-30536, CVE-2024-2961, PMASA-2025-3

Comment 1 Marc Krämer 2025-01-22 12:18:15 CET 
Suggested advisory:
========================
This update of phpmyadmin is a bug fix release with some minor security issues fixed.


References:
https://www.phpmyadmin.net/news/2025/1/21/phpMyAdmin-522-is-released/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2961
========================

Updated packages in {core,tainted}/updates_testing:
========================
phpmyadmin-5.2.2-1.mga9.noarch.rpm

SRPM:
phpmyadmin-5.2.2-1.mga9.src.rpm

Assignee: mageia => qa-bugs

katnatek 2025-01-22 19:15:20 CET

Keywords: (none) => advisory

PC LX 2025-01-23 02:04:44 CET

CC: (none) => mageia

Comment 2 Herman Viaene 2025-01-24 14:56:56 CET 
MGA9-64 Plasma Wayland on Compaq H000SB
No installation issues.
Maker sure httpd and mysqld are running,
then used phpmyadmin to create a new database, a new table with a PK, a unique key and a timestamp. Inserted some values, and browsed the table. All works OK.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA9-64-OK

Comment 3 PC LX 2025-01-24 16:14:17 CET 
Installed and tested without issues.


Tested:
- local and remote MariaDB servers;
- two factor authentication plugin;
- user/account editing;
- import and export;
- creating and dropping databases;
- creating, altering, and dropping tables;
- SELECT, UPDATE, and DELETE SQL queries;
All OK.

Using php-fpm instead of mod_php.




System: Mageia 9, x86_64, Apache, MariaDB, Firefox, Chromium, Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz.



$ uname -a
Linux marte 6.6.65-server-2.mga9 #1 SMP PREEMPT_DYNAMIC Thu Dec 12 14:35:32 UTC 2024 x86_64 GNU/Linux
$ rpm -q phpmyadmin apache mariadb
phpmyadmin-5.2.2-1.mga9
apache-2.4.62-1.mga9
mariadb-10.11.10-1.mga9
Comment 4 Thomas Andrews 2025-01-24 19:33:12 CET 
Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 5 Mageia Robot 2025-01-24 20:46:49 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2025-0023.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.