diff options
| author | dougb <dougb@FreeBSD.org> | 2011-12-02 05:03:31 +0800 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2011-12-02 05:03:31 +0800 |
| commit | 9c0478a58ff4cb4754652b5d69a32b1477a6ff51 (patch) | |
| tree | 02308652a410bf73b0c5f26c685d403f43c97c86 | |
| parent | 7a22661a10543ca7b233d5a475d46c9a81249139 (diff) | |
| download | freebsd-ports-gnome-9c0478a58ff4cb4754652b5d69a32b1477a6ff51.tar.gz freebsd-ports-gnome-9c0478a58ff4cb4754652b5d69a32b1477a6ff51.tar.zst freebsd-ports-gnome-9c0478a58ff4cb4754652b5d69a32b1477a6ff51.zip | |
Update to version 3.4.8
This is the formal release of the fix to CVE-2011-4634, but there are
no code differences from the preliminary fixes released in 3.4.8-rc1
except for the updated version number.
PMSA-2011-18 has now been published; vuxml entry attached.
PR: ports/163001
Submitted by: Matthew Seaman <m.seaman@infracaninophile.co.uk> (maintainer)
Feature safe: yes
| -rw-r--r-- | databases/phpmyadmin/Makefile | 2 | ||||
| -rw-r--r-- | databases/phpmyadmin/distinfo | 4 | ||||
| -rw-r--r-- | security/vuxml/vuln.xml | 32 |
3 files changed, 35 insertions, 3 deletions
diff --git a/databases/phpmyadmin/Makefile b/databases/phpmyadmin/Makefile index 0d693c7dd739..934b2a0568c1 100644 --- a/databases/phpmyadmin/Makefile +++ b/databases/phpmyadmin/Makefile @@ -6,7 +6,7 @@ # PORTNAME= phpMyAdmin -DISTVERSION= 3.4.8-rc1 +DISTVERSION= 3.4.8 CATEGORIES= databases www MASTER_SITES= SF/${PORTNAME:L}/${PORTNAME}/${DISTVERSION} DISTNAME= ${PORTNAME}-${DISTVERSION}-all-languages diff --git a/databases/phpmyadmin/distinfo b/databases/phpmyadmin/distinfo index 98ba1f87fc60..1969dddf4bdd 100644 --- a/databases/phpmyadmin/distinfo +++ b/databases/phpmyadmin/distinfo @@ -1,2 +1,2 @@ -SHA256 (phpMyAdmin-3.4.8-rc1-all-languages.tar.bz2) = a460686e7d2f101a50fb19cb23d16ee56d995393bfebcdeb56880936e7b060c8 -SIZE (phpMyAdmin-3.4.8-rc1-all-languages.tar.bz2) = 4611013 +SHA256 (phpMyAdmin-3.4.8-all-languages.tar.bz2) = 792a53d1904feed2bba0a613680af86fb4ca2ee8e94ba65ef92043c5c2d90604 +SIZE (phpMyAdmin-3.4.8-all-languages.tar.bz2) = 4610153 diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b829be0d987a..e49701264ee9 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -47,6 +47,38 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="ed536336-1c57-11e1-86f4-e0cb4e266481"> + <topic>phpMyAdmin -- Multiple XSS</topic> + <affects> + <package> + <name>phpMyAdmin</name> + <range><gt>3.4</gt><lt>3.4.8.r1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The phpMyAdmin development team reports:</p> + <blockquote cite="http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php"> + <p>Using crafted database names, it was possible to produce + XSS in the Database Synchronize and Database rename + panels. Using an invalid and crafted SQL query, it was + possible to produce XSS when editing a query on a table + overview panel or when using the view creation dialog. Using + a crafted column type, it was possible to produce XSS in the + table search and create index dialogs.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.phpmyadmin.net/home_page/security/PMASA-2011-18.php</url> + <cvename>CVE-2011-4634</cvename> + </references> + <dates> + <discovery>2011-11-24</discovery> + <entry>2011-12-01</entry> + </dates> + </vuln> + <vuln vid="eef56761-11eb-11e1-bb94-001c140104d4"> <topic>hiawatha -- memory leak in PreventSQLi routine</topic> <affects> |