[Phpmyadmin-git] [SCM] phpMyAdmin website branch, master, updated. e3596488cc4eed5e8a8d89a66b115bc74fe8d79b

Marc Delisle Fri, 08 Jul 2011 14:19:55 -0700

The branch, master has been updated
       via  e3596488cc4eed5e8a8d89a66b115bc74fe8d79b (commit)
      from  ebcfdbdef73254b04ee4f557cba36df87b43b026 (commit)



- Log -----------------------------------------------------------------
commit e3596488cc4eed5e8a8d89a66b115bc74fe8d79b
Author: Marc Delisle <[email protected]>
Date:   Fri Jul 8 17:18:39 2011 -0400

    Revert "New advisories"
    
    This reverts commit d79dc1d237de4c3246745c269376db7b99a9d1cb.
    
    These should not have been published yet.

-----------------------------------------------------------------------

Summary of changes:
 templates/security/PMASA-2011-10 |   52 ------------------------------------
 templates/security/PMASA-2011-9  |   54 --------------------------------------
 2 files changed, 0 insertions(+), 106 deletions(-)
 delete mode 100644 templates/security/PMASA-2011-10
 delete mode 100644 templates/security/PMASA-2011-9

diff --git a/templates/security/PMASA-2011-10 b/templates/security/PMASA-2011-10
deleted file mode 100644
index 77c3148..0000000
--- a/templates/security/PMASA-2011-10
+++ /dev/null
@@ -1,52 +0,0 @@
-<!--! Template for security announcement -->
-<html xmlns:py="http://genshi.edgewall.org/"; 
xmlns:xi="http://www.w3.org/2001/XInclude"; py:strip="">
-
-
-<py:def function="announcement_id">
-PMASA-2011-10
-</py:def>
-
-<py:def function="announcement_date">
-2011-07-XX
-</py:def>
-
-<py:def function="announcement_summary">
-Local file inclusion.
-</py:def>
-
-<py:def function="announcement_description">
-Via a crafted MIME-type transformation parameter, an attacker can perform a 
local file inclusion.
-</py:def>
-
-<py:def function="announcement_severity">
-We consider this vulnerability to be serious.
-</py:def>
-
-<py:def function="announcement_mitigation">
-The phpMyAdmin's configuration storage mechanism must be configured for this 
attack to work.
-</py:def>
-
-<py:def function="announcement_affected">
-Versions 3.4.0 to 3.4.3.1 are affected.
-</py:def>
-
-<py:def function="announcement_solution">
-Upgrade to phpMyAdmin 3.4.3.2 or apply the related patch listed below.
-</py:def>
-
-<!--! Links to reporter etc, do not forget to escape & to &amp; -->
-<py:def function="announcement_references">
-This issue was found by Norman Hippert from <a 
href="http://www.the-wildcat.de/";>The-Wildcat.de</a>
-</py:def>
-
-<!--! CVE ID of the report, this is automatically added to references -->
-<py:def function="announcement_cve">CVE-2011-XXXX</py:def>
-
-<py:def function="announcement_cwe">661 98</py:def>
-
-<py:def function="announcement_commits">
-f63e1bb42a37401b2fdfcd2e66cce92b7ea2025c
-</py:def>
-
-<xi:include href="_page.tpl" />
-</html>
diff --git a/templates/security/PMASA-2011-9 b/templates/security/PMASA-2011-9
deleted file mode 100644
index e34d305..0000000
--- a/templates/security/PMASA-2011-9
+++ /dev/null
@@ -1,54 +0,0 @@
-<!--! Template for security announcement -->
-<html xmlns:py="http://genshi.edgewall.org/"; 
xmlns:xi="http://www.w3.org/2001/XInclude"; py:strip="">
-
-
-<py:def function="announcement_id">
-PMASA-2011-9
-</py:def>
-
-<py:def function="announcement_date">
-2011-07-XX
-</py:def>
-
-<py:def function="announcement_summary">
-XSS in table Print view.
-</py:def>
-
-<py:def function="announcement_description">
-The attacker must trick the victim into clicking a link that reaches 
phpMyAdmin's table print view script; one of the link's parameters is a crafted 
table name (the name containing Javascript code).
-</py:def>
-
-<py:def function="announcement_severity">
-We consider this vulnerability to be minor.
-</py:def>
-
-<py:def function="announcement_mitigation">
-The crafted table name must exist (the attacker must have access to create a 
table on the victim's server).
-</py:def>
-
-<py:def function="announcement_affected">
-The 3.4.3.1 and earlier versions are affected.
-</py:def>
-
-<py:def function="announcement_solution">
-Upgrade to phpMyAdmin 3.4.3.2 or apply the related patch listed below.
-</py:def>
-
-<!--! Links to reporter etc, do not forget to escape & to &amp; -->
-<py:def function="announcement_references">
-This issue was found by Norman Hippert from <a 
href="http://www.the-wildcat.de/";>The-Wildcat.de</a>
-</py:def>
-
-<!--! CVE ID of the report, this is automatically added to references -->
-<py:def function="announcement_cve">CVE-2011-XXXX</py:def>
-
-<py:def function="announcement_cwe">661 79</py:def>
-
-<py:def function="announcement_commits">
-a0823be05aa5835f207c0838b9cca67d2d9a050a
-4bd27166c314faa37cada91533b86377f4d4d214
-
-</py:def>
-
-<xi:include href="_page.tpl" />
-</html>


hooks/post-receive
-- 
phpMyAdmin website

------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security 
threats, fraudulent activity, and more. Splunk takes this data and makes 
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Phpmyadmin-git mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-git

[Phpmyadmin-git] [SCM] phpMyAdmin website branch, master, updated. e3596488cc4eed5e8a8d89a66b115bc74fe8d79b

Reply via email to