Security update for phpMyAdmin
This update to phpMyAdmin 4.4.15.4 fixes the following issues (boo#964024)
* CVE-2016-2038: Multiple full path disclosure vulnerabilities
* CVE-2016-2039: Unsafe generation of XSRF/CSRF token
* CVE-2016-2040: Multiple XSS vulnerabilities
* CVE-2016-1927: Insecure password generation in JavaScript
* CVE-2016-2041: Unsafe comparison of XSRF/CSRF token
* CVE-2016-2042: Multiple full path disclosure vulnerabilities
* CVE-2016-2043: XSS vulnerability in normalization page
-
Submitted by
Christian Wittmer (computersalat)
Fixed bugs
bnc#964024
VUL-0: phpMyAdmin: Multiple vulnerabilities
