Date: Fri, 2 Mar 2007 19:44:42 GMT From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: FreeBSD-gnats-submit@FreeBSD.org Cc: secteam@FreeBSD.org Subject: ports/109765: [maintainer] databases/phpmyadmin security update to 2.10.0.2 Message-ID: <200703021944.l22JigR1059362@happy-idiot-talk.infracaninophile.co.uk> Resent-Message-ID: <200703021950.l22Jo564059442@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 109765 >Category: ports >Synopsis: [maintainer] databases/phpmyadmin security update to 2.10.0.2 >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Fri Mar 02 19:50:05 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Matthew Seaman >Release: FreeBSD 6.2-STABLE i386 >Organization: Infracaninophile >Environment: System: FreeBSD happy-idiot-talk.infracaninophile.co.uk 6.2-STABLE FreeBSD 6.2-STABLE #9: Sat Feb 24 16:09:04 GMT 2007 root@happy-idiot-talk.infracaninophile.co.uk:/usr/obj/usr/src/sys/HAPPY-IDIOT-TALK i386 >Description: Yay! Another update. And it's only the 3rd in four days. Just for a change, this is a security thing. http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3 >From the announce message: Hi, The "Month Of PHP Bugs" reveals some PHP vulnerabilities. MOPB-02-2007 (PHP Executor Deep Recursion Stack Overflow) uses phpMyAdmin as an example to show a recursion vulnerability in PHP, for which a protection is provided in version 2.10.0.2. More details will follow on phpmyadmin.net, Security section, PMASA-2007-3. Marc Delisle, for the team >How-To-Repeat: >Fix: --- phpmyadmin.diff begins here --- diff -Nur /usr/ports/databases/phpmyadmin/Makefile phpmyadmin/Makefile --- /usr/ports/databases/phpmyadmin/Makefile Fri Mar 2 19:18:40 2007 +++ phpmyadmin/Makefile Fri Mar 2 19:26:35 2007 @@ -6,8 +6,7 @@ # PORTNAME= phpMyAdmin -DISTVERSION= 2.10.0.1 -PORTREVISION= 1 +DISTVERSION= 2.10.0.2 CATEGORIES= databases www MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= phpmyadmin diff -Nur /usr/ports/databases/phpmyadmin/distinfo phpmyadmin/distinfo --- /usr/ports/databases/phpmyadmin/distinfo Thu Mar 1 17:34:55 2007 +++ phpmyadmin/distinfo Fri Mar 2 19:28:52 2007 @@ -1,3 +1,3 @@ -MD5 (phpMyAdmin-2.10.0.1-all-languages.tar.bz2) = 0f23d25a64ce0547bdfb05dee748760b -SHA256 (phpMyAdmin-2.10.0.1-all-languages.tar.bz2) = c5628fff652947811efa91e3d8e13be02a28a9c300a30da112f86ca94ecc5c7f -SIZE (phpMyAdmin-2.10.0.1-all-languages.tar.bz2) = 3019979 +MD5 (phpMyAdmin-2.10.0.2-all-languages.tar.bz2) = 2aa1abcdacc93a6ccdea149d8c74aa9c +SHA256 (phpMyAdmin-2.10.0.2-all-languages.tar.bz2) = 4b9949d9a79973de663a0ff526b0a567f7d496c31a5371e4f9eeaa97c599e9a6 +SIZE (phpMyAdmin-2.10.0.2-all-languages.tar.bz2) = 3020505 --- phpmyadmin.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200703021944.l22JigR1059362>