From Mageia wiki
Jump to: navigation, search

MGASA-2012-0240

Date: August 26th, 2012
Affected releases: 1, 2


Description:
Updated phpmyadmin package fixes bugs and security vulnerabilities:

- [security] Fixed XSS vulnerabilities, see PMASA-2012-4
- bug #3521416 [interface] JS error when editing index
- bug #3521313 [core] Call to undefined function __()
- bug #3521016 [edit] NOW() function incorrectly selected
- bug [GUI] Invalid HTML code on transformation_overview.php
- bug #3522930 [browse] Missing validation in Ajax mode
- bug Fix popup message on build SQL of import
- bug #3523499 [core] Make X-WebKit-CSP work better
- replace Highcharts with jqplot for query profiling, zoom search
- bug #3531584 [interface] No form validation in change password dialog
- bug #3531585 [interface] Broken password validation in copy user form
- bug #3531586 [unterface] Add user form prints JSON when user presses enter
- bug #3534121 [config] duplicate line in config.sample.inc.php
- bug #3534311 [interface] Grid editing incorrectly parses ENUM/SET values
- bug #3510196 [core] More clever URL rewriting with ForceSSL
- added missing requires for php-mysqli


Updated Packages:
Mageia 1:
phpmyadmin-3.5.2.2-1.1.mga1

Mageia 2:
phpmyadmin-3.5.2.2-1.1.mga2


References:
http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php
http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php
https://bugs.mageia.org/show_bug.cgi?id=6905