[SECURITY] [DLA 336-1] phpmyadmin security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : phpmyadmin
Version : 4:3.3.7-9
CVE ID : CVE-2014-8958 CVE-2014-9218 CVE-2015-2206 CVE-2015-3902
Several issues have been fixed in phpMyAdmin, the web administration
tool for MySQL.
CVE-2014-8958
Multiple cross-site scripting (XSS) vulnerabilities.
CVE-2014-9218
Denial of service (resource consumption) via a long password.
CVE-2015-2206
Risk of BREACH attack due to reflected parameter.
CVE-2015-3902
XSRF/CSRF vulnerability in phpMyAdmin setup.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJWMSgCAAoJEFb2GnlAHawExCcH/3GndkN3P49XdjJrku0SCjfJ
/nUa1WRlwjhEQOYIn5PyYyszlAO7C92nzyvOiFrSa7CklEIwBnjStOBsW5kig2Ps
9FcRqOIRudDQnafNYwDcYdhcJU5JSuzL03+Mj0a87t5Qi3jOqMfR3UYS1x98lTz3
WUjrdc8Ec6My4UKlNTPz/nioyKPfw9G/Sw3/wsptIIB6Q1dVHFV+fZSPYoHIZ02C
Bl6qxhfMCM0pqVKjrHM3duKSm1d76ub8nloEkDNTuUr7dFCTA3pR0ypzRTU/ajoG
y4nKJI/NAOmXlis34luyV98GUMokJCnnq/jlmwXaG2Pz2JTLWgjUb0JteVDWzrY=
=DwPk
-----END PGP SIGNATURE-----
Reply to: