Security update for phpMyAdmin
phpMyAdmin was updated to 4.2.13.3 to fix three security issues.
The following vulnerabilities were fixed:
* CVE-2015-3902: CSRF vulnerability in setup (PMASA-2015-2, boo#930992)
* CVE-2015-3903: Vulnerability allowing man-in-the-middle attack (PMASA-2015-3, boo#930993)
* CVE-2015-2206: Risk of BREACH attack (PMASA-2015-1, boo#920773)
Also contains all upstream bug fixes in the 4.2.13 branch.
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#930992
VUL-1: CVE-2015-3902: phpMyAdmin: XSRF/CSRF vulnerability in phpMyAdmin setup (PMASA-2015-2)
bnc#930993
VUL-1: CVE-2015-3903: phpMyAdmin: Vulnerability allowing man-in-the-middle attack on API call to GitHub (PMASA-2015-3)
bnc#920773
VUL-0: CVE-2015-2206: phpMyAdmin: MASA-2015-1 security update
