diff --git a/databases/phpmyadmin/Makefile b/databases/phpmyadmin/Makefile index adbc91439114..f49ef5c411d8 100644 --- a/databases/phpmyadmin/Makefile +++ b/databases/phpmyadmin/Makefile @@ -6,9 +6,9 @@ # PORTNAME= phpMyAdmin -DISTVERSION= 3.4.4 +DISTVERSION= 3.4.5 CATEGORIES= databases www -MASTER_SITES= SF/${PORTNAME:L}/${PORTNAME}/${PORTVERSION} +MASTER_SITES= SF/${PORTNAME:L}/${PORTNAME}/${DISTVERSION} DISTNAME= ${PORTNAME}-${DISTVERSION}-all-languages MAINTAINER= m.seaman@infracaninophile.co.uk diff --git a/databases/phpmyadmin/distinfo b/databases/phpmyadmin/distinfo index 960a1385baf4..d2ae2299b4a3 100644 --- a/databases/phpmyadmin/distinfo +++ b/databases/phpmyadmin/distinfo @@ -1,2 +1,2 @@ -SHA256 (phpMyAdmin-3.4.4-all-languages.tar.bz2) = 8d8ca3429cce24d560d6a1e1f544ee905059f7a253d748ea4ca49459f14d9779 -SIZE (phpMyAdmin-3.4.4-all-languages.tar.bz2) = 4954436 +SHA256 (phpMyAdmin-3.4.5-all-languages.tar.bz2) = 27917cf2d833c0c8700704c62b28a210f30682dd112e6a0b6fd2db3e6d061051 +SIZE (phpMyAdmin-3.4.5-all-languages.tar.bz2) = 4592593 diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index b9e2ef6ade87..bf3b2750e126 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,35 @@ Note: Please add new entries to the beginning of this file. --> + + phpmyadmin -- multiple XSS vulnerabilities + + + phpMyAdmin + 3.4.5 + + + + +

phpMyAdmin development team reports:

+
+

Firstly, if a row contains javascript code, after inline + editing this row and saving, the code is executed. Secondly, + missing sanitization on the db, table and column names leads + to XSS vulnerabilities.

+

Versions 3.4.0 to 3.4.4 were found vulnerable.

+
+ + + + http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php + + + 2011-09-11 + 2011-09-14 + + + django -- multiple vulnerabilities