aboutsummaryrefslogtreecommitdiffstats
path: root/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
diff options
context:
space:
mode:
authorRoy Li <rongqing.li@windriver.com>2014-10-30 13:37:26 +0800
committerPaul Eggleton <paul.eggleton@linux.intel.com>2014-10-31 11:35:25 +0000
commit7edda3d9267cc3561151a5611a2d215848824423 (patch)
tree140920340e077d34cabfb1048816dc906d03fd47 /meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
parent780fb7c811b03ea5ae614cfa228f2f74d884f900 (diff)
downloadmeta-openembedded-contrib-7edda3d9267cc3561151a5611a2d215848824423.tar.gz
phpmyadmin: fix for Security Advisory CVE-2014-5274
Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5274 Signed-off-by: Roy Li <rongqing.li@windriver.com>
Diffstat (limited to 'meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb')
-rw-r--r--meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb1
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
index c267d89621..447b77884d 100644
--- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb
@@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=eb723b61539feef013de476e68b5c50a \
SRC_URI = "${SOURCEFORGE_MIRROR}/phpmyadmin/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \
file://0001-bug-4504-security-Self-XSS-in-query-charts.patch \
+ file://0001-bug-4505-security-XSS-in-view-operations-page.patch \
file://apache.conf"
SRC_URI[md5sum] = "0dcd755450dac819f33502590c88ad29"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-29 08:20:42 +0000