Secunia Security Advisory - Debian has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site request forgery attacks.
07ab8fe2440aea08956e69550b25877ea6acf88224b6c580b13e82d6786ff988
----------------------------------------------------------------------
Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?
Click here to learn more:
http://secunia.com/advisories/business_solutions/
----------------------------------------------------------------------
TITLE:
Debian update for phpmyadmin
SECUNIA ADVISORY ID:
SA33912
VERIFY ADVISORY:
http://secunia.com/advisories/33912/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
>From remote
OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/advisories/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/advisories/product/530/
DESCRIPTION:
Debian has issued an update for phpmyadmin. This fixes a
vulnerability, which can be exploited by malicious people to conduct
cross-site request forgery attacks.
For more information:
SA33076
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 4.0 alias etch --
Source archives:
http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.9.1.1-10.dsc
Size/MD5 checksum: 1021 9428b84187a0fc1c893e099987f746f6
http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.9.1.1.orig.tar.gz
Size/MD5 checksum: 3500563 f598509b308bf96aee836eb2338f523c
http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.9.1.1-10.diff.gz
Size/MD5 checksum: 54951 8441cbf454016d4425dddaef569bbd21
Architecture independent packages:
http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.9.1.1-10_all.deb
Size/MD5 checksum: 3603132 538d80062d8fc4c009e0e0e01ffbacd4
-- Debian GNU/Linux unstable alias sid --
Fixed in version 2.11.8.1-5.
ORIGINAL ADVISORY:
DSA-1723-1:
http://lists.debian.org/debian-security-announce/2009/msg00032.html
OTHER REFERENCES:
SA33076:
http://secunia.com/advisories/33076/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------