MDVSA-2012:136

Nom du paquet

phpmyadmin

Date

2012-08-17

Advisory ID

MDVSA-2012:136

Affected versions

MES5 i586 , MES5 x86_64

Problem description

Multiple cross-site scripting (XSS) vulnerabilities was discovered
by using the Database structure page with a crafted table name
(CVE-2012-4345).

This upgrade provides the latest phpmyadmin version (3.4.11.1) to
address this vulnerability.

Updated packages

MES5 i586

 5f424ac38e16be2828f6f4905456765e  mes5/i586/phpmyadmin-3.4.11.1-0.1mdvmes5.2.noarch.rpm 
 c36c7600e66b0ee2abc8734968c4e92f  mes5/SRPMS/phpmyadmin-3.4.11.1-0.1mdvmes5.2.src.rpm

MES5 x86_64

 8b30bbf3d705a9c8e2ba18bbdd53bc83  mes5/x86_64/phpmyadmin-3.4.11.1-0.1mdvmes5.2.noarch.rpm 
 c36c7600e66b0ee2abc8734968c4e92f  mes5/SRPMS/phpmyadmin-3.4.11.1-0.1mdvmes5.2.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4345
• http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php