Security update for phpMyAdmin
This update for phpMyAdmin to version 4.8.5 fixes the following issues:
Security issues fixed:
- CVE-2019-6799: Fixed an arbitrary file read vulnerability (boo#1123272)
- CVE-2019-6798: Fixed a SQL injection in the designer interface (boo#1123271)
Other changes:
* Fix rxport to SQL format not available
* Fix QR code not shown when adding two-factor authentication to a user account
* Fix issue with adding a new user in MySQL 8.0.11 and newer
* Fix frozen interface relating to Text_Plain_Sql plugin
* Fix missing table level operations tab
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#1123271
VUL-0: CVE-2019-6798: phpMyAdmin: SQL injection through malformed username
bnc#1123272
VUL-0: CVE-2019-6799: phpMyAdmin: Arbitrary file read vulnerability (PMASA-2019-1)
