mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 17:59:59 +00:00
Code Issues Projects Releases Wiki Activity

phpmyadmin: CVE-2015-8669

Browse Source 
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12,
4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers
to obtain sensitive information via a crafted request, which reveals
the full path in an error message.

This patch is from https://github.com/phpmyadmin/phpmyadmin/commit/c4d649325b25139d7c097e56e2e46cc7187fae45

Signed-off-by: Jian Liu <jian.liu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
This commit is contained in:
Liu Jian
2016-01-20 17:36:46 +08:00
committed by Martin Jansa
parent b7834b965e
commit 350ad5dd55
2 changed files with 21 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
+3 -1
View File
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \
file://Port-content-spoofing-fix-CVE-2015-7873.patch \
file://apache.conf"
file://apache.conf \
file://phpmyadmin-CVE-2015-8669.patch \
"
SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"
SRC_URI[sha256sum] = "d2e90ea486d90b4ebe5eb02d7ad349ad2916c12a8981f98553395ef78d22a8ec"