ports/109765: [maintainer] databases/phpmyadmin security update to 2.10.0.2

Matthew Seaman m.seaman at infracaninophile.co.uk
Fri Mar 2 19:50:06 UTC 2007 

>Number:         109765
>Category:       ports
>Synopsis:       [maintainer] databases/phpmyadmin security update to 2.10.0.2
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Mar 02 19:50:05 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Matthew Seaman
>Release:        FreeBSD 6.2-STABLE i386
>Organization:
Infracaninophile
>Environment:
System: FreeBSD happy-idiot-talk.infracaninophile.co.uk 6.2-STABLE FreeBSD 6.2-STABLE #9: Sat Feb 24 16:09:04 GMT 2007 root at happy-idiot-talk.infracaninophile.co.uk:/usr/obj/usr/src/sys/HAPPY-IDIOT-TALK i386


	
>Description:

Yay! Another update.  And it's only the 3rd in four days.  Just for a
change, this is a security thing.

http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3

>From the announce message:

Hi,
The "Month Of PHP Bugs" reveals some PHP vulnerabilities. MOPB-02-2007
(PHP Executor Deep Recursion Stack Overflow) uses phpMyAdmin as an 
example to show a recursion vulnerability in PHP, for which a
protection is provided in version 2.10.0.2.

More details will follow on phpmyadmin.net, Security section, PMASA-2007-3.

Marc Delisle, for the team



>How-To-Repeat:
	
>Fix:

	

--- phpmyadmin.diff begins here ---
diff -Nur /usr/ports/databases/phpmyadmin/Makefile phpmyadmin/Makefile
--- /usr/ports/databases/phpmyadmin/Makefile	Fri Mar  2 19:18:40 2007
+++ phpmyadmin/Makefile	Fri Mar  2 19:26:35 2007
@@ -6,8 +6,7 @@
 #
 
 PORTNAME=	phpMyAdmin
-DISTVERSION=	2.10.0.1
-PORTREVISION=	1
+DISTVERSION=	2.10.0.2
 CATEGORIES=	databases www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	phpmyadmin
diff -Nur /usr/ports/databases/phpmyadmin/distinfo phpmyadmin/distinfo
--- /usr/ports/databases/phpmyadmin/distinfo	Thu Mar  1 17:34:55 2007
+++ phpmyadmin/distinfo	Fri Mar  2 19:28:52 2007
@@ -1,3 +1,3 @@
-MD5 (phpMyAdmin-2.10.0.1-all-languages.tar.bz2) = 0f23d25a64ce0547bdfb05dee748760b
-SHA256 (phpMyAdmin-2.10.0.1-all-languages.tar.bz2) = c5628fff652947811efa91e3d8e13be02a28a9c300a30da112f86ca94ecc5c7f
-SIZE (phpMyAdmin-2.10.0.1-all-languages.tar.bz2) = 3019979
+MD5 (phpMyAdmin-2.10.0.2-all-languages.tar.bz2) = 2aa1abcdacc93a6ccdea149d8c74aa9c
+SHA256 (phpMyAdmin-2.10.0.2-all-languages.tar.bz2) = 4b9949d9a79973de663a0ff526b0a567f7d496c31a5371e4f9eeaa97c599e9a6
+SIZE (phpMyAdmin-2.10.0.2-all-languages.tar.bz2) = 3020505
--- phpmyadmin.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list