mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-15 16:07:26 +00:00
phpmyadmin: fix CVE-2015-7873
The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter. Backport upstream commit to fix it: https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706 Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
This commit is contained in:
committed by
Martin Jansa
parent
4c21d7a02f
commit
b12220887e
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
|
||||
file://libraries/tcpdf/LICENSE.TXT;md5=5c87b66a5358ebcc495b03e0afcd342c"
|
||||
|
||||
SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \
|
||||
file://Port-content-spoofing-fix-CVE-2015-7873.patch \
|
||||
file://apache.conf"
|
||||
|
||||
SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"
|
||||
|
||||
Reference in New Issue
Block a user