[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
This bug was fixed in the package phpmyadmin - 4:2.9.1.1-2ubuntu1.2 --- phpmyadmin (4:2.9.1.1-2ubuntu1.2) feisty-security; urgency=low * SECURITY UPDATE: + debian/patches/050_CVE-2008-1149.dpatch - Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation , Allows unauthorized disclosure of information , Allows disruption of service. (LP: #198745) * References: + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1149 + http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1 -- Emanuele Gentili [EMAIL PROTECTED] Tue, 11 Mar 2008 06:03:46 +0100 ** Changed in: phpmyadmin (Ubuntu Feisty) Status: Fix Committed = Fix Released -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Changed in: phpmyadmin (Ubuntu Edgy) Status: Fix Committed = Fix Released ** Changed in: phpmyadmin (Ubuntu Dapper) Status: Fix Committed = Fix Released -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
Feisty uploaded. (meh, yada) ** Changed in: phpmyadmin (Ubuntu Feisty) Status: Confirmed = Fix Committed -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Changed in: phpmyadmin (Ubuntu Dapper) Status: Confirmed = In Progress -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
sorry for delay. ** Attachment added: dapper_phpmyadmin_2.8.0.3-1ubuntu0.1.debdiff http://launchpadlibrarian.net/12673013/dapper_phpmyadmin_2.8.0.3-1ubuntu0.1.debdiff -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
Looks great, I've uploaded dapper now. ** Changed in: phpmyadmin (Ubuntu Dapper) Status: In Progress = Fix Committed -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
The dapper attachment seems to be against edgy? -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
The feisty build is missing an Ubuntu maintainer in the debian/control file. ** Changed in: phpmyadmin (Ubuntu Feisty) Status: In Progress = Incomplete ** Changed in: phpmyadmin (Ubuntu Dapper) Status: In Progress = Incomplete -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
Edgy uploaded, thanks! It should be published shortly. ** Changed in: phpmyadmin (Ubuntu Edgy) Status: In Progress = Fix Committed -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
yada rebuild control by default, i will work to it. ** Changed in: phpmyadmin (Ubuntu Feisty) Status: Incomplete = Confirmed ** Changed in: phpmyadmin (Ubuntu Dapper) Status: Incomplete = Confirmed -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Attachment added: feisty_phpmyadmin_2.9.1.1-2ubuntu1.2.debdiff http://launchpadlibrarian.net/12564447/feisty_phpmyadmin_2.9.1.1-2ubuntu1.2.debdiff ** Changed in: phpmyadmin (Ubuntu Feisty) Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Attachment added: edgy_phpmyadmin_2.8.2-0.2ubuntu0.1.debdiff http://launchpadlibrarian.net/12564497/edgy_phpmyadmin_2.8.2-0.2ubuntu0.1.debdiff -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Attachment added: dapper_phpmyadmin_2.8.2-0.2ubuntu0.1.debdiff http://launchpadlibrarian.net/12564515/dapper_phpmyadmin_2.8.2-0.2ubuntu0.1.debdiff ** Changed in: phpmyadmin (Ubuntu Edgy) Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress ** Changed in: phpmyadmin (Ubuntu Dapper) Assignee: (unassigned) = Emanuele Gentili (emgent) Status: New = In Progress -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Changed in: phpmyadmin (Ubuntu) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) ** Attachment added: hardy_phpmyadmin_2.11.3-1ubuntu1.debdiff http://launchpadlibrarian.net/12446023/hardy_phpmyadmin_2.11.3-1ubuntu1.debdiff -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Changed in: phpmyadmin (Ubuntu Gutsy) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) ** Changed in: phpmyadmin (Ubuntu Hardy) Status: New = Fix Committed ** Changed in: phpmyadmin (Ubuntu Feisty) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) ** Changed in: phpmyadmin (Ubuntu Edgy) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) ** Changed in: phpmyadmin (Ubuntu Dapper) Importance: Undecided = High Assignee: (unassigned) = Emanuele Gentili (emgent) ** Attachment added: gutsy_phpmyadmin_2.10.3-1ubuntu0.2.debdiff http://launchpadlibrarian.net/12446663/gutsy_phpmyadmin_2.10.3-1ubuntu0.2.debdiff -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
This bug was fixed in the package phpmyadmin - 4:2.11.3-1ubuntu1 --- phpmyadmin (4:2.11.3-1ubuntu1) hardy; urgency=low * SECURITY UPDATE: + debian/patches/050_CVE-2008-1149.dpatch - Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation , Allows unauthorized disclosure of information , Allows disruption of service. (LP: #198745) * References: + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1149 + http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1 * debian/control: + updated maintainer field -- Emanuele Gentili [EMAIL PROTECTED] Wed, 05 Mar 2008 20:17:28 +0100 ** Changed in: phpmyadmin (Ubuntu Hardy) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-1149 -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
** Changed in: phpmyadmin (Ubuntu Feisty) Assignee: Emanuele Gentili (emgent) = (unassigned) ** Changed in: phpmyadmin (Ubuntu Edgy) Assignee: Emanuele Gentili (emgent) = (unassigned) ** Changed in: phpmyadmin (Ubuntu Dapper) Assignee: Emanuele Gentili (emgent) = (unassigned) ** Changed in: phpmyadmin (Ubuntu Gutsy) Status: New = In Progress -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
another big thanks to hk47 -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
Thanks! Gutsy is being built and uploaded now. ** Changed in: phpmyadmin (Ubuntu Gutsy) Status: In Progress = Fix Committed -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 198745] Re: [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery)
This bug was fixed in the package phpmyadmin - 4:2.10.3-1ubuntu0.2 --- phpmyadmin (4:2.10.3-1ubuntu0.2) gutsy-security; urgency=low * SECURITY UPDATE: + debian/patches/050_CVE-2008-1149.dpatch - Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation , Allows unauthorized disclosure of information , Allows disruption of service. (LP: #198745) * References: + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1149 + http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-1 -- Emanuele Gentili [EMAIL PROTECTED] Wed, 05 Mar 2008 20:38:57 +0100 ** Changed in: phpmyadmin (Ubuntu Gutsy) Status: Fix Committed = Fix Released -- [phpmyadmin] [PMASA-2008-1] SQL injection vulnerability (Delayed Cross Site Request Forgery) https://bugs.launchpad.net/bugs/198745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs