Back to phpmyadmin PTS page

Accepted phpmyadmin 4:3.4.11.1-2+deb7u8 (source all) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted phpmyadmin 4:3.4.11.1-2+deb7u8 (source all) into oldstable
From: Markus Koschany <apo@debian.org>
Date: Fri, 24 Feb 2017 05:50:10 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1ch8le-0004EQ-Ks@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 24 Feb 2017 06:31:04 +0100
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source all
Version: 4:3.4.11.1-2+deb7u8
Distribution: wheezy-security
Urgency: high
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description: 
 phpmyadmin - MySQL web administration tool
Changes: 
 phpmyadmin (4:3.4.11.1-2+deb7u8) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2016-6621 / PMASA-2016-44/:
     A server-side request forgery vulnerability was reported for the setup
     script. This flaw can allow an unauthenticated attacker to brute-force
     MYSQL passwords, detect internal hostnames or opened ports on the internal
     network. Additionally there was a race condition between writing
     configuration and administrator moving it allowing unauthenticated users to
     read or alter it. Debian users who configured phpmyadmin via debconf and
     used the default configuration for apache2 or lighttpd were never affected.
Checksums-Sha1: 
 26e6807cf85aba523ebe4c8c0772296dc0d56b64 2106 phpmyadmin_3.4.11.1-2+deb7u8.dsc
 b3beb6ff360a0bbb2c9e76ccbb3d82fe95fd61cd 111694 phpmyadmin_3.4.11.1-2+deb7u8.debian.tar.gz
 a0e3c83c3eee8b60ff3f102da4348050181222ad 5536938 phpmyadmin_3.4.11.1-2+deb7u8_all.deb
Checksums-Sha256: 
 4baa4f6fda2ea99a58363adb408dd8e83d14b6cf8e4c02c1d3a0ab4b75335dc5 2106 phpmyadmin_3.4.11.1-2+deb7u8.dsc
 977bf6572557dd433cf1c26f33bb0edeb759d15bb8ac53f3fda83d6f1cbafaaf 111694 phpmyadmin_3.4.11.1-2+deb7u8.debian.tar.gz
 3d5647c0e377be9d5d7ca04524ab2f6b672f409df34b31c7826a221bdfe5a147 5536938 phpmyadmin_3.4.11.1-2+deb7u8_all.deb
Files: 
 eeb8133a55f6cd30fe1f487b0a5823f1 2106 web extra phpmyadmin_3.4.11.1-2+deb7u8.dsc
 e37d6e67c2ab9bcf0578cd0515370805 111694 web extra phpmyadmin_3.4.11.1-2+deb7u8.debian.tar.gz
 76e1f3b8d68967dd1ddd50214118ae22 5536938 web extra phpmyadmin_3.4.11.1-2+deb7u8_all.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlivyHxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hkm9cQALb3Gyg69LkUjuJ8FVuzNyQHdZJxehkLHRQw
bO26c1zBc/v09WkckWKl0NDB5FmmWHkALP3dO29vFhMocaiQNbht8HCs6GLtTx3+
1kOoanKzJ9KPQipYl2w3r+G4CfXmUoNE5j9Nz3WjSIKF8THHMLP+/Eg9paLCCRWT
JAP7/FNPiEE2ew7e38oNjzPT/2lxI90gMjzGR9fXaYun0lqNnBcm7WfXKzyjN36e
0CJoSWD1pvTSJc+fX67Apeurvlq6dqvAp6U/o1A1hRCx2JaVtmESMBn6mW8vMTxq
1+rWeW4kPPRfTXcYjxduY2qlIt32TptaX/koRfI9/eWTCMkzvkyK/v6A/Y2IBwgi
97hPnmEYFLqrk1M0WkfFQ38jcpKFxSyejaYJOEoMICNIfAQ5Gd8cN+1yVsTvtODU
7bEN2U6SMP3Zf96k6HCd7VmEYDFNyJWxr8Lgug5t8bRl8UWJQlmIDCxv0amU0PtC
jdyl0tdBp6SDeHhc47SbKzLF3Q3slnYUJtqZafs8vMGZDebUaJPaSQQir78cX4Sx
oabs+Pd0vz+aZUoENJKLLZTXtD1hjarYg12tpWe57gdk3SCqLGw01fPcXx5VlIFu
vuT3v0c3OM5dbfHCVMt+J1IIXYMkd6N/Z4vVXohMFnjy0dEvjBoNJc8YTEp3oxVH
V6FMLNq5
=Nq0o
-----END PGP SIGNATURE-----