Bug#742097: marked as done (phpmyadmin: "Require all denied" should be used in place of "Deny from All")

Wed, 26 Mar 2014 02:54:34 -0700 

Your message dated Wed, 26 Mar 2014 09:51:17 +0000
with message-id <[email protected]>
and subject line Bug#742097: fixed in phpmyadmin 4:4.1.11-2
has caused the Debian Bug report #742097,
regarding phpmyadmin: "Require all denied" should be used in place of "Deny 
from All"
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
742097: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742097
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: phpmyadmin
Version: 4:4.1.9-1
Severity: normal

Dear Maintainer,

instead of using the Apache 2.2-style snippet

+    Order Deny,Allow
+    Deny from All

you should rather use

-    Require all denied

which is the Apache 2.4 standard way of preventing access.

Thank you for considering this.

KR,

Ralf

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.12-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages phpmyadmin depends on:
ii  dbconfig-common           1.8.47+nmu1
ii  debconf [debconf-2.0]     1.5.52
ii  libapache2-mod-php5       5.5.9+dfsg-1
ii  libjs-codemirror          2.23-1
ii  libjs-jquery              1.7.2+dfsg-3
ii  libjs-jquery-cookie       9-1
ii  libjs-jquery-event-drag   9-1
ii  libjs-jquery-mousewheel   9-1
ii  libjs-jquery-tablesorter  9-1
ii  libjs-jquery-ui           1.10.1+dfsg-1
ii  libjs-sphinxdoc           1.2.2+dfsg-1
ii  perl                      5.18.2-2+b1
ii  php-gettext               1.0.11-1
ii  php-tcpdf                 6.0.048+dfsg-2
ii  php5-json                 1.3.3-1
ii  php5-mcrypt               5.5.9+dfsg-1
ii  php5-mysql                5.5.9+dfsg-1
ii  ucf                       3.0027+nmu1

Versions of packages phpmyadmin recommends:
ii  apache2                                  2.4.7-1
ii  apache2-bin [httpd]                      2.4.7-1
ii  mysql-client-5.5 [virtual-mysql-client]  5.5.35+dfsg-2
ii  php5-gd                                  5.5.9+dfsg-1

Versions of packages phpmyadmin suggests:
ii  links [www-browser]                      2.8-1+b1
ii  mysql-server                             5.5.35+dfsg-2
ii  mysql-server-5.5 [virtual-mysql-server]  5.5.35+dfsg-2
ii  w3m [www-browser]                        0.5.3-15

-- Configuration Files:
/etc/phpmyadmin/apache.conf changed [not included]
/etc/phpmyadmin/config.inc.php changed [not included]

-- debconf information:
  phpmyadmin/dbconfig-remove:
* phpmyadmin/dbconfig-install: true
  phpmyadmin/db/dbname: phpmyadmin
  phpmyadmin/upgrade-backup: true
  phpmyadmin/upgrade-error: abort
  phpmyadmin/mysql/method: unix socket
  phpmyadmin/internal/skip-preseed: false
  phpmyadmin/remote/newhost:
  phpmyadmin/purge: false
  phpmyadmin/dbconfig-reinstall: false
  phpmyadmin/internal/reconfiguring: false
  phpmyadmin/install-error: abort
  phpmyadmin/database-type: mysql
  phpmyadmin/missing-db-package-error: abort
  phpmyadmin/remove-error: abort
* phpmyadmin/dbconfig-upgrade: true
  phpmyadmin/mysql/admin-user: root
  phpmyadmin/remote/port:
* phpmyadmin/reconfigure-webserver:
  phpmyadmin/remote/host:
  phpmyadmin/setup-username: admin
  phpmyadmin/db/app-user: phpmyadmin
  phpmyadmin/passwords-do-not-match:

--- End Message ---
--- Begin Message --- 
Source: phpmyadmin
Source-Version: 4:4.1.11-2

We believe that the bug you reported is fixed in the latest version of
phpmyadmin, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michal Čihař <[email protected]> (supplier of updated phpmyadmin package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 26 Mar 2014 10:11:11 +0100
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source all
Version: 4:4.1.11-2
Distribution: unstable
Urgency: medium
Maintainer: Thijs Kinkhorst <[email protected]>
Changed-By: Michal Čihař <[email protected]>
Description: 
 phpmyadmin - MySQL web administration tool
Closes: 740731 742097
Changes: 
 phpmyadmin (4:4.1.11-2) unstable; urgency=medium
 .
   * Use Apache 2.4 syntax for denying access (Closes: #742097).
   * Do not use packaged CodeMirror as it's too old for phpMyAdmin
     (Closes: #740731).
Checksums-Sha1: 
 0b8ed9479d7905fe7c63d6d203be4c89e009660d 1920 phpmyadmin_4.1.11-2.dsc
 1ae3ad829943b714ad39137f4db59032fac01aa6 46512 
phpmyadmin_4.1.11-2.debian.tar.xz
 136a4a08f3d670be317452b44e3f9499c1eaacf7 3411952 phpmyadmin_4.1.11-2_all.deb
Checksums-Sha256: 
 70866fbb4d236be2082f433e08f9c58fee35afd619a796d52a3cf811ac009b02 1920 
phpmyadmin_4.1.11-2.dsc
 89a77cdeb4d069941cc8af356d11a0c75ab6d1d2d49c03c3de30d00e609700f5 46512 
phpmyadmin_4.1.11-2.debian.tar.xz
 06348613144e2d102c561564085556d86b701a1b4a2230730f1d7af989d1d3ad 3411952 
phpmyadmin_4.1.11-2_all.deb
Files: 
 eb7b56e4546145e648fbaba2ad6c21e4 1920 web extra phpmyadmin_4.1.11-2.dsc
 1dad46882ed5fcdb684a22b225e038e2 46512 web extra 
phpmyadmin_4.1.11-2.debian.tar.xz
 c631d1d513add44264393fa78dd7c6b6 3411952 web extra phpmyadmin_4.1.11-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJTMpyoAAoJEGo39bHX+xdNnEYQAKhE1mcC5C+dxW7+zAILmDg8
XLo74Zd2p5cKMSSgZuwZtslLJaFdxlgFORpSWTSubYMEm1nfoXjO7tlzvTIrDSdI
K4Y5zjp5TAxudXUzTmyIWnJEqPJmqSoWY6eHZFFwFoKZrtALRYtmf92s7fZREOHY
x3rmMao9Y0QzkW04XirvCw2+H031Ydpp+vx6yb+AifGnA4/5R3Xikkx6iiTRz3Lv
m/9gdOfwANzckJ4yyiB+BTXSvNeNiyEhBLyA3dRWPeYO2IbjSdZ4ULB9qq71Hp6x
BKBctlx/tEU4dIbgjsmeQw6VEnU1ltfvCBdBq0dZCunip4sixsQUfeYhnCr2pL2b
Jtmv24dG6V6TmFZWdFhgfpAxoyWALta6IP2+x/SJgw4GiO3h7vH/xh8oQI38x4/g
g20FawAz/nC1o28DnoWHuNKmEAJTf02z/dJSKo33MF+V3V7Zjdwzbnu7XJP8B0yR
WBvkzqHx1ajbOmvypxhTCoigbAoGHq6Oj3dfsum0Ns3PhN09imJuydfcgjjSv2zo
SAKKZ+lYAtYTcROyZ5JOSO5QKPqgQGz+P5/1foJenk5lZWSklfFpHWK2H3hFWH7Z
/oxVPnKdPJscrjPQDaN86fR0p9ACkudu0rT0Y/6MNeu9FgSF6ycku5MeBQ0QxZtw
sLfdqjPF8+uTLMpC83Zk
=JnZL
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to