Security update to phpMyAdmin 4.4.15.4
Security update to phpMyAdmin 4.4.15.4
The followinng vulnerabilities were fixed: (boo#964024)
* CVE-2016-2038: Multiple full path disclosure vulnerabilities
* CVE-2016-2039: Unsafe generation of XSRF/CSRF token
* CVE-2016-2040: Multiple XSS vulnerabilities
* CVE-2016-1927: Insecure password generation in JavaScript
* CVE-2016-2041: Unsafe comparison of XSRF/CSRF token
* CVE-2016-2042: Multiple full path disclosure vulnerabilities
* CVE-2016-2043: XSS vulnerability in normalization page
- Submitted by Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#964024
VUL-0: phpMyAdmin: Multiple vulnerabilities