File _patchinfo of Package patchinfo.4662

<patchinfo>
  <category>security</category>
  <rating>moderate</rating>
  <packager>computersalat</packager>
  <summary>security update for phpMyAdmin</summary>
  <description>
This phpMyAdmin update to version 4.4.15.8 fixes the following issues:

Security issues fixed:
* Improve session cookie code for openid.php and signon.php example
   files
* Full path disclosure in openid.php and signon.php example files
* Unsafe generation of BlowfishSecret (when not supplied by the user)
* Referrer leak when phpinfo is enabled
* Use HTTPS for wiki links
* Improve SSL certificate handling
* Fix full path disclosure in debugging code
* Administrators could trigger SQL injection attack against users

* Weaknesses with cookie encryption
   see PMASA-2016-29 (CVE-2016-6606, CWE-661)
* Multiple XSS vulnerabilities
   see PMASA-2016-30 (CVE-2016-6607, CWE-661)
* Multiple XSS vulnerabilities
   see PMASA-2016-31 (CVE-2016-6608, CWE-661)
* PHP code injection
   see PMASA-2016-32 (CVE-2016-6609, CWE-661)
* Full path disclosure
   see PMASA-2016-33 (CVE-2016-6610, CWE-661)
* SQL injection attack
   see PMASA-2016-34 (CVE-2016-6611, CWE-661)
* Local file exposure through LOAD DATA LOCAL INFILE
   see PMASA-2016-35 (CVE-2016-6612, CWE-661)
* Local file exposure through symlinks with UploadDir
   see PMASA-2016-36 (CVE-2016-6613, CWE-661)
* Path traversal with SaveDir and UploadDir
   see PMASA-2016-37 (CVE-2016-6614, CWE-661)
* Multiple XSS vulnerabilities
   see PMASA-2016-38 (CVE-2016-6615, CWE-661)
* SQL injection vulnerability as control user
   see PMASA-2016-39 (CVE-2016-6616, CWE-661)
* SQL injection vulnerability
   see PMASA-2016-40 (CVE-2016-6617, CWE-661)
* Denial-of-service attack through transformation feature
   see PMASA-2016-41 (CVE-2016-6618, CWE-661)
* SQL injection vulnerability as control user
   see PMASA-2016-42 (CVE-2016-6619, CWE-661)
* Verify data before unserializing
   see PMASA-2016-43 (CVE-2016-6620, CWE-661)
* SSRF in setup script
   see PMASA-2016-44 (CVE-2016-6621, CWE-661)
* Denial-of-service attack with
   $cfg['AllowArbitraryServer'] = true and persistent connections
   see PMASA-2016-45 (CVE-2016-6622, CWE-661)
* Denial-of-service attack by using for loops
   see PMASA-2016-46 (CVE-2016-6623, CWE-661)
* Possible circumvention of IP-based allow/deny rules with IPv6 and
   proxy server
   see PMASA-2016-47 (CVE-2016-6624, CWE-661)
* Detect if user is logged in
   see PMASA-2016-48 (CVE-2016-6625, CWE-661)
* Bypass URL redirection protection
   see PMASA-2016-49 (CVE-2016-6626, CWE-661)
* Referrer leak
   see PMASA-2016-50 (CVE-2016-6627, CWE-661)
* Reflected File Download
   see PMASA-2016-51 (CVE-2016-6628, CWE-661)
* ArbitraryServerRegexp bypass
   see PMASA-2016-52 (CVE-2016-6629, CWE-661)
* Denial-of-service attack by entering long password
   see PMASA-2016-53 (CVE-2016-6630, CWE-661)
* Remote code execution vulnerability when running as CGI
   see PMASA-2016-54 (CVE-2016-6631, CWE-661)
* Denial-of-service attack when PHP uses dbase extension
   see PMASA-2016-55 (CVE-2016-6632, CWE-661)
* Remote code execution vulnerability when PHP uses dbase extension
   see PMASA-2016-56 (CVE-2016-6633, CWE-661)
  </description>
  <issue tracker="bnc" id="994313">VUL-0: phpMyAdmin 4.0.10.17, 4.4.15.8, and 4.6.4 releases </issue>
  <issue tracker="cve" id="2016-6606">Weaknesses with cookie encryption</issue>
  <issue tracker="cve" id="2016-6607">Multiple XSS vulnerabilities</issue>
  <issue tracker="cve" id="2016-6608">Multiple XSS vulnerabilities</issue>
  <issue tracker="cve" id="2016-6609">PHP code injection</issue>
  <issue tracker="cve" id="2016-6610">Full path disclosure</issue>
  <issue tracker="cve" id="2016-6611">SQL injection attack</issue>
  <issue tracker="cve" id="2016-6612">Local file exposure through LOAD DATA LOCAL INFILE</issue>
  <issue tracker="cve" id="2016-6613">Local file exposure through symlinks with UploadDir</issue>
  <issue tracker="cve" id="2016-6614">Path traversal with SaveDir and UploadDir</issue>
  <issue tracker="cve" id="2016-6615">Multiple XSS vulnerabilities</issue>
  <issue tracker="cve" id="2016-6616">SQL injection vulnerability as control user</issue>
  <issue tracker="cve" id="2016-6617">SQL injection vulnerability</issue>
  <issue tracker="cve" id="2016-6618">Denial-of-service attack through transformation feature</issue>
  <issue tracker="cve" id="2016-6619">SQL injection vulnerability as control user</issue>
  <issue tracker="cve" id="2016-6620">Verify data before unserializing</issue>
  <issue tracker="cve" id="2016-6621">SSRF in setup script</issue>
  <issue tracker="cve" id="2016-6622">Denial-of-service attack with $cfg['AllowArbitraryServer'] = true and persistent connections</issue>
  <issue tracker="cve" id="2016-6623">Denial-of-service attack by using for loops</issue>
  <issue tracker="cve" id="2016-6624">Possible circumvention of IP-based allow/deny rules with IPv6 and proxy server</issue>
  <issue tracker="cve" id="2016-6625">Detect if user is logged in</issue>
  <issue tracker="cve" id="2016-6626">Bypass URL redirection protection</issue>
  <issue tracker="cve" id="2016-6627">Referrer leak</issue>
  <issue tracker="cve" id="2016-6628">Reflected File Download</issue>
  <issue tracker="cve" id="2016-6629">ArbitraryServerRegexp bypass</issue>
  <issue tracker="cve" id="2016-6630">Denial-of-service attack by entering long password</issue>
  <issue tracker="cve" id="2016-6631">Remote code execution vulnerability when running as CGI</issue>
  <issue tracker="cve" id="2016-6632">Denial-of-service attack when PHP uses dbase extension</issue>
  <issue tracker="cve" id="2016-6633">Remote code execution vulnerability when PHP uses dbase extension</issue>
</patchinfo>
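Added helper, not part of the _patchinfo file or of phpMyAdmin itself: it checks whether an installed phpMyAdmin version already carries the fixes listed above (fixed releases 4.0.10.17, 4.4.15.8 and 4.6.4 per bnc#994313) and flags the config.inc.php settings that several of the advisories depend on (AllowArbitraryServer for PMASA-2016-45/52, UploadDir and SaveDir for PMASA-2016-36/37). The branch mapping by the first two version components, the regular expressions and the sample config are assumptions made for this example.

```python
"""Version and configuration check for the phpMyAdmin advisory above.
Added example; the branch detection and config patterns are assumptions."""
import re

# Fixed releases per branch as given in the bnc#994313 issue title.
# Assumption: a branch is identified by its first two version components.
FIXED = {
    (4, 0): (4, 0, 10, 17),
    (4, 4): (4, 4, 15, 8),
    (4, 6): (4, 6, 4),
}


def parse_version(text):
    """'4.4.15.8-3.1' -> (4, 4, 15, 8); an rpm release suffix is ignored."""
    m = re.match(r"(\d+(?:\.\d+)+)", text.strip())
    if not m:
        raise ValueError("no version number in %r" % text)
    return tuple(int(part) for part in m.group(1).split("."))


def is_fixed(version_text):
    """True if the version is at or above its branch's fixed release,
    False if it is older, None if the branch is not covered by the advisory."""
    version = parse_version(version_text)
    fixed = FIXED.get(version[:2])
    if fixed is None:
        return None
    # Tuple comparison is component-wise, so (4, 4, 15) < (4, 4, 15, 8).
    return version >= fixed


# Settings named in the advisory titles that widen the attack surface.
# Array keys are matched case-sensitively (PHP semantics); only the
# literal true is case-insensitive. An empty '' directory disables the
# feature in phpMyAdmin, so only non-empty directories are flagged.
RISKY = {
    "AllowArbitraryServer": r"\$cfg\['AllowArbitraryServer'\]\s*=\s*(?i:true)\s*;",
    "UploadDir": r"\$cfg\['UploadDir'\]\s*=\s*'[^']+'\s*;",
    "SaveDir": r"\$cfg\['SaveDir'\]\s*=\s*'[^']+'\s*;",
}


def risky_settings(config_text):
    """Return the risky settings enabled in the given config.inc.php text.
    Whole-line comments (//, #, or a * continuation) are skipped."""
    found = []
    for line in config_text.splitlines():
        stripped = line.strip()
        if stripped.startswith(("//", "#", "*")):
            continue
        for name, pattern in RISKY.items():
            if name not in found and re.search(pattern, stripped):
                found.append(name)
    return found


def audit(version_text, config_text):
    """Combine both checks into one report dictionary."""
    return {
        "version": version_text,
        "fixed": is_fixed(version_text),
        "risky": risky_settings(config_text),
    }


# Constructed sample config.inc.php; not taken from any real host.
SAMPLE_CONFIG = """\
<?php
$cfg['blowfish_secret'] = 'change-me';
$cfg['Servers'][$i]['auth_type'] = 'cookie';
// $cfg['SaveDir'] = '/tmp/pma-save';   commented out, must not be flagged
$cfg['AllowArbitraryServer'] = TRUE;
$cfg['UploadDir'] = '/var/lib/phpMyAdmin/upload';
"""

if __name__ == "__main__":
    # On a SUSE host the version string would come from `rpm -q phpMyAdmin`.
    print(audit("phpMyAdmin-4.4.15.7-1.1".split("-", 1)[1], SAMPLE_CONFIG))
```

Even on a fixed version the flagged settings are worth reviewing: AllowArbitraryServer, UploadDir and SaveDir remain attack surface for anyone who can log in, and the advisory titles show what that surface has been used for.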