Описание
Security update for phpMyAdmin
This update to phpMyAdmin 4.4.15.10 fixes the following security issues:
- CVE-2016-6621: Multiple vulnerabilities in setup script (PMASA-2016-44)
- Open redirect (PMASA-2017-1)
- CVE-2015-8980: php-gettext code execution (PMASA-2017-2)
- DOS vulnerability in table editing (PMASA-2017-3)
- CSS injection in themes (PMASA-2017-4)
- SSRF in replication (PMASA-2017-6)
- DOS in replication status (PMASA-2017-7)
Список пакетов
openSUSE Leap 42.1
phpMyAdmin-4.4.15.10-31.2
openSUSE Leap 42.2
phpMyAdmin-4.4.15.10-31.2
Ссылки
- E-Mail link for openSUSE-SU-2017:0372-1
- SUSE Security Ratings
Описание
The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.
Затронутые продукты
openSUSE Leap 42.1:phpMyAdmin-4.4.15.10-31.2
openSUSE Leap 42.2:phpMyAdmin-4.4.15.10-31.2
Ссылки
- CVE-2015-8980
- SUSE Bug 1020489
- SUSE Bug 1021597
Описание
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors.
Затронутые продукты
openSUSE Leap 42.1:phpMyAdmin-4.4.15.10-31.2
openSUSE Leap 42.2:phpMyAdmin-4.4.15.10-31.2
Ссылки
- CVE-2016-6621
- SUSE Bug 994313