Accepted phpmyadmin 4:3.4.11.1-2+deb7u3 (source all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 22 Apr 2016 11:54:07 -0400
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source all
Version: 4:3.4.11.1-2+deb7u3
Distribution: wheezy-security
Urgency: medium
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Antoine Beaupré <anarcat@debian.org>
Description:
phpmyadmin - MySQL web administration tool
Changes:
phpmyadmin (4:3.4.11.1-2+deb7u3) wheezy-security; urgency=medium
.
* Fix security issues:
- CVE-2016-1927: suggestPassword generates weak passphrases
- CVE-2016-2038: information disclosure via crafted requests
- CVE-2016-2039: weak CSRF token values
- CVE-2016-2040: XSS vulnerabilities in authenticated users
- CVE-2016-2041: information breach in CSRF token comparison
- CVE-2016-2045: XSS injection via crafted SQL queries
- CVE-2016-2560: XSS injection
Checksums-Sha1:
df734fd678c3b01a6d6968dde078b3796047636e 1938 phpmyadmin_3.4.11.1-2+deb7u3.dsc
3cd2b397fac6505d3a827663dfef795d310b2d65 95831 phpmyadmin_3.4.11.1-2+deb7u3.debian.tar.gz
fa976b27ae73723de078f51319a02295f849db24 5527434 phpmyadmin_3.4.11.1-2+deb7u3_all.deb
Checksums-Sha256:
18af94e8d911c6c383ef743123c079e8e92f478cafb758b3958010c9d415c2c4 1938 phpmyadmin_3.4.11.1-2+deb7u3.dsc
7b98e7ec1e35c0dda840d34bb6fe5bae511f3be34c51fe5f8b5660bc25f637f1 95831 phpmyadmin_3.4.11.1-2+deb7u3.debian.tar.gz
df62ff9f40685223a1e5004b3ca381071555b115969850fdba539ccb0c0eb1ad 5527434 phpmyadmin_3.4.11.1-2+deb7u3_all.deb
Files:
8ff0c24c7aee63cdb3cd994f14ce8f94 1938 web extra phpmyadmin_3.4.11.1-2+deb7u3.dsc
05bb0baeba425fe112595f7102ef5cd8 95831 web extra phpmyadmin_3.4.11.1-2+deb7u3.debian.tar.gz
2bffe2f36b99db4bfd1ac7b0d7c1789a 5527434 web extra phpmyadmin_3.4.11.1-2+deb7u3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJXGnVYAAoJEHkhUlJ7dZIeI8cP/2XGOfmUp7fk+G5C+zBqySIR
sUqLraB1P6pcNMf4eihCN1hSsl0GUclFigh2ahiHpISavRcDA6pExL9eo10MIZTl
R+6kuQZPEvDAqno5n5UN7VFfzK9VaBgxwBSGQLnvoS4x7AYrSTGNhUzv7TSb83ta
BsRUBBZbJjPEDZd0w3mS0uqbGu6xh8/TqblVkuJxD1Td2EcFwnLqwZQwYUrNmdO8
2kt49Uk+JH7BHnZaAd56k3PX7ZPxCiaMqTARKzJPoAtzavzWyD9OOqL2lNItx/zh
zwPpgDcYLd0NRNzR5XeSU0opTk1GlbqIbznki1DXhl1HZ7q2zMpSeRK1z0RE9m0c
amRej5wOGtvH/dCjfMz5qOOhyoE+tu5KmBKbC4oP2HYt7UtCqoOo0/64SMQqm1UZ
YPvhcEzqrrHjmx3NJQjvXxlyAmfJrxN42hXq4xN92lddBWVS0XZzvsah4LCfhVwH
0mIeDqrhj00CcU6lLm44j6gCWWFy5zg22sxaiZRBNEvQ4CDkEdpONohyStYoLUq3
tsuRtaEpSP2vmBc2t+qHtraxB2hrEZy/o4YbMHoKQVFVQHSi30rkMiHhImhJnPXe
PUHXjb9WjL+HtRgMM98F9gqG3IiDtqspIsEB6hicJHY/ss1F7w6XOJVBlX+/QqAk
wdDBnaH3t25mwY4LpgFJ
=nSTX
-----END PGP SIGNATURE-----