Nome do pacote
phpmyadmin
Data
2010-09-21
ID Alerta
MDVSA-2010:186
Versões afetadas
MES5 i586 , MES5 x86_64

Descrição do problema

A vulnerability has been found and corrected in phpmyadmin:

Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php
in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote
attackers to inject arbitrary web script or HTML via a server name
(CVE-2010-3263).

This upgrade provides phpmyadmin 3.3.7 which is not vulnerable for
this security issue.

Pacotes atualizados

MES5 i586

 6ec7899c8e4d029bd1a13bef9c84ebf3  mes5/i586/phpmyadmin-3.3.7-0.1mdvmes5.1.noarch.rpm 
 90b8d6eca124eb2833509936b4f634ba  mes5/SRPMS/phpmyadmin-3.3.7-0.1mdvmes5.1.src.rpm

MES5 x86_64

 cfd93b71cfafac8d586a824f74ff180e  mes5/x86_64/phpmyadmin-3.3.7-0.1mdvmes5.1.noarch.rpm 
 90b8d6eca124eb2833509936b4f634ba  mes5/SRPMS/phpmyadmin-3.3.7-0.1mdvmes5.1.src.rpm

Referências