[Bug 1767723] Re: CVE-2018-10362: Authentication bypass

Launchpad Bug Tracker Tue, 01 May 2018 13:51:01 -0700

This bug was fixed in the package phpliteadmin - 1.9.7.1-1ubuntu0.1

---------------
phpliteadmin (1.9.7.1-1ubuntu0.1) bionic-security; urgency=medium


  * SECURITY UPDATE: authentication bypass (LP: #1767723)
    - debian/patches/Fix-authentication-bypass.patch:
      replace == with === in password comparation in
      classes/Authorization.php. Based on upstream commit
    - CVE-2018-10362

 -- Nicholas Guriev <guriev...@ya.ru>  Sat, 28 Apr 2018 00:14:25 +0300

** Changed in: phpliteadmin (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1767723

Title:
  CVE-2018-10362: Authentication bypass

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/phpliteadmin/+bug/1767723/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1767723] Re: CVE-2018-10362: Authentication bypass

Reply via email to