~ubuntu-branches/ubuntu/intrepid/phpmyadmin/intrepid-updates

Viewing all changes in revision 33.

Committer: Bazaar Package Importer
Author(s): Marc Deslauriers
Date: 2009-10-26 11:08:55 UTC
Revision ID: james.westby@ubuntu.com-20091026110855-cvqjvkjzf3mr3mk8

Tags: 4:2.11.8.1-1ubuntu0.2

* SECURITY UPDATE: XSS via a crafted name for a MySQL table (LP: #450505)
  - debian/patches/047-security-CVE-2009-3696-3697.dpatch: filter special
    characters in db_operations.php.
  - CVE-2009-3696
* SECURITY UPDATE: SQL injection via PDF schema generator functionality
  (LP: #450505)
  - debian/patches/047-security-CVE-2009-3696-3697.dpatch: filter and
    escape special characters in pdf_pages.php and pmd_pdf.php.
  - CVE-2009-3697

files added:
debian/patches/047-security-CVE-2009-3696-3697.dpatch

files modified:
debian/changelog

debian/patches/00list

expand all

Show diffs side-by-side

added added

removed removed

debian/changelog

debian/patches/00list

debian/patches/047-security-CVE-2009-3696-3697.dpatch

Older »