This bug was fixed in the package phpliteadmin - 1.9.7.1-1ubuntu0.1 --------------- phpliteadmin (1.9.7.1-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: authentication bypass (LP: #1767723) - debian/patches/Fix-authentication-bypass.patch: replace == with === in password comparation in classes/Authorization.php. Based on upstream commit - CVE-2018-10362 -- Nicholas Guriev <guriev...@ya.ru> Sat, 28 Apr 2018 00:14:25 +0300 ** Changed in: phpliteadmin (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1767723 Title: CVE-2018-10362: Authentication bypass To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/phpliteadmin/+bug/1767723/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs