Your message dated Wed, 11 Oct 2006 07:02:31 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#391090: fixed in phpmyadmin 4:2.9.0.2-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: phpmyadmin
Version: 4:2.8.2-0.2
Severity: grave
Hi,
the version of phpmyadmin currently in etch and sid is vulnerable to this
attack:
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-5
--
Laurent Bonnaud.
http://www.lis.inpg.fr/pages_perso/bonnaud/
--- End Message ---
--- Begin Message ---
Source: phpmyadmin
Source-Version: 4:2.9.0.2-1
We believe that the bug you reported is fixed in the latest version of
phpmyadmin, which is due to be installed in the Debian FTP archive:
phpmyadmin_2.9.0.2-1.diff.gz
to pool/main/p/phpmyadmin/phpmyadmin_2.9.0.2-1.diff.gz
phpmyadmin_2.9.0.2-1.dsc
to pool/main/p/phpmyadmin/phpmyadmin_2.9.0.2-1.dsc
phpmyadmin_2.9.0.2-1_all.deb
to pool/main/p/phpmyadmin/phpmyadmin_2.9.0.2-1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thijs Kinkhorst <[EMAIL PROTECTED]> (supplier of updated phpmyadmin package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 11 Oct 2006 14:46:37 +0200
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source all
Version: 4:2.9.0.2-1
Distribution: unstable
Urgency: high
Maintainer: Thijs Kinkhorst <[EMAIL PROTECTED]>
Changed-By: Thijs Kinkhorst <[EMAIL PROTECTED]>
Description:
phpmyadmin - Administrate MySQL over the WWW
Closes: 357972 374918 377748 378681 382139 385365 385889 390484 391090
Changes:
phpmyadmin (4:2.9.0.2-1) unstable; urgency=low
.
* New maintainer, thanks Piotr for your previous work!
* Acknowledge NMU's, thanks Steinar! (Closes: #378681)
* Fix typo in debconf templates and unfuzzy that.
* Tweak package description.
.
phpmyadmin (4:2.9.0.2-0.1) unstable; urgency=high
.
* Non-maintainer upload with maintainer consent.
* Upgrade to latest upstream version to battle cross-site
request forgery (PMASA-2006-5, CVE-2006-5116, CVE-2006-5117,
closes: 391090).
* New upstream also fixes broken database export functionality
(closes: 374918) and database/table copy (closes: 390484).
* Update translations:
- Danish by Claus Hindsgaul (Closes: 357972).
- Italian by Luca Monducci (Closes: 382139).
- Spanish by Nacho Barrientos Arias (Closes: 385365).
.
phpmyadmin (4:2.8.2-0.2) unstable; urgency=medium
.
* Non-maintainer upload.
* Fix issue with /var/www pointing to /usr/share/phpmyadmin.
(Closes: #385889)
* Make sure we install /var/www as a directory, since we make a symlink
into
it and we can't rely on it being there.
* Explicitly link to /var/www/phpmyadmin instead of /var/www, to make sure
we don't make a new /var/www even if it should be removed for some
reason.
.
phpmyadmin (4:2.8.2-0.1) unstable; urgency=high
.
* Non-maintainer upload.
* New upstream release.
* Fixes cross-site-scripting issues. [CVE-2006-3388] (Closes: #377748)
Files:
f04e499e4cd8bbea1bf9acd2c3ebc536 638 web extra phpmyadmin_2.9.0.2-1.dsc
e8776c4ec0bccaffadad0066caf42473 40920 web extra phpmyadmin_2.9.0.2-1.diff.gz
cc3dcd590a8c9f949089f992e3ddf138 3565720 web extra phpmyadmin_2.9.0.2-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFLPdHJdKMxZV9WM8RAkoXAKC5yeAli535YE6DyeYT7uoRXN2PhQCfZRwJ
vi6KjjqmUL/8iGQJNHxekrA=
=7C5P
-----END PGP SIGNATURE-----
--- End Message ---
