Accepting request 512891 from home:computersalat:devel:php

fix for boo#1050980 OBS-URL: https://build.opensuse.org/request/show/512891 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=290
2017-07-28 09:29:50 +00:00
parent d710228a11
commit ce89bab3fd
2 changed files with 19 additions and 7 deletions
--- a/phpMyAdmin.changes
+++ b/phpMyAdmin.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Fri Jul 28 09:17:35 UTC 2017 - chris@computersalat.de
+
+- fix for boo#1050980
+  * replace mcrypt with openssl, see
+    https://github.com/phpseclib/phpseclib/issues/1028
+- update changes (update to 4.6.6 (2017-01-23))
+  * add missing (CVE-Not yet available) CVE's
+
 -------------------------------------------------------------------
 Sat Jul 22 08:03:55 UTC 2017 - ecsos@opensuse.org

@@ -276,25 +285,25 @@ Wed Jan 25 22:12:33 UTC 2017 - chris@computersalat.de
  * PMASA-2016-44 (CVE-2016-6621, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2016-44/
    - Multiple vulnerabilities in setup script
-  * PMASA-2017-1 ( CVE-Nya, CWE-661)
+  * PMASA-2017-1 (  CVE-2017-1000013, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2017-1/
    - Open redirect
  * PMASA-2017-2 ( CVE-2015-8980, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2017-2/
    - php-gettext code execution
-  * PMASA-2017-3 ( CVE-Nya, CWE-661)
+  * PMASA-2017-3 (  CVE-2017-1000014, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2017-3/
    - DOS vulnerabiltiy in table editing
-  * PMASA-2017-4 ( CVE-Nya, CWE-661)
+  * PMASA-2017-4 (  CVE-2017-1000015, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2017-4/
    - CSS injection in themes
-  * PMASA-2017-5 ( CVE-Nya, CWE-661)
+  * PMASA-2017-5 (  CVE-2017-1000016, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2017-5/
    - Cookie attribute injection attack
-  * PMASA-2017-6 ( CVE-Nya, CWE-661)
+  * PMASA-2017-6 (  CVE-2017-1000017, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2017-6/
    - SSRF in replication
-  * PMASA-2017-7 ( CVE-Nya, CWE-661)
+  * PMASA-2017-7 (  CVE-2017-1000018, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2017-7/
    - DOS in replication status
 - remove obsolete phpMyAdmin-12757_sql_syntax_errror.patch