openSUSE Build Service

phpMyAdmin: security update to 4.1.14.4

phpMyAdmin was updated to 4.1.14.4 (2014-09-13) fixing bugs and security issues.

* PMASA-2014-10 (CVE-2014-6300, CWE-661 CWE-352)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php

A DOM based XSS was fixed that resulted to a CSRF
that creates a ROOT account in certain conditions.

phpMyAdmin: XSRF/CSRF due to DOM based XSS in the micro history feature