Bug 218853 (CVE-2006-6373)

Summary: phpMyAdmin < 2.9.1.1 multiple vulnerabilities
Product: [Fedora] Fedora Reporter: Ville Skyttä <ville.skytta>
Component: phpMyAdminAssignee: Mike McGrath <imlinux>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 6CC: extras-qa, fedora-security-list
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-12-11 14:39:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ville Skyttä 2006-12-07 20:51:17 UTC
phpMyAdmin 2.9.1.1 contains three security fixes:

- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-7
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-8
  (also apparently http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6373)
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-9

All FC5+ currently have a pre-2.9.1 snapshot which may be vulnerable.

There's also http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6374 but it's unclear
to me whether that is covered by the above or applicable to 2.9.x in the first
place.

Comment 1 Mike McGrath 2006-12-11 14:39:34 UTC
Updated and now available on the mirrors.