mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 17:59:59 +00:00
phpmyadmin: fix for Security Advisory CVE-2014-5274
Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5274 Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Roy Li
Martin Jansa
@@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=eb723b61539feef013de476e68b5c50a \
|
||||
|
||||
SRC_URI = "${SOURCEFORGE_MIRROR}/phpmyadmin/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \
|
||||
file://0001-bug-4504-security-Self-XSS-in-query-charts.patch \
|
||||
file://0001-bug-4505-security-XSS-in-view-operations-page.patch \
|
||||
file://apache.conf"
|
||||
|
||||
SRC_URI[md5sum] = "0dcd755450dac819f33502590c88ad29"
|
||||
|
||||
Reference in New Issue
Block a user