Fedora 20 Security Update: phpMyAdmin-4.2.12-1.fc20

Resolved Bugs
1166397 – phpMyAdmin-4.2.12 is available
1166619 – CVE-2014-8958 phpMyAdmin: Multiple XSS vulnerabilities (PMASA-2014-13)
1166621 – CVE-2014-8958 phpMyAdmin: Multiple XSS vulnerabilities (PMASA-2014-13) [fedora-all]
1166626 – CVE-2014-8959 phpMyAdmin: Local file inclusion vulnerability (PMASA-2014-14)
1166627 – CVE-2014-8959 phpMyAdmin: Local file inclusion vulnerability (PMASA-2014-14) [fedora-all]
1166634 – CVE-2014-8960 phpMyAdmin: XSS vulnerability in error reporting functionality (PMASA-2014-15)
1166635 – CVE-2014-8960 phpMyAdmin: XSS vulnerability in error reporting functionality (PMASA-2014-15) [fedora-all]
1166637 – CVE-2014-8961 phpMyAdmin: leakage of line count of an arbitrary file (PMASA-2014-16)
1166638 – CVE-2014-8961 phpMyAdmin: leakage of line count of an arbitrary file (PMASA-2014-16) [fedora-all]<br
phpMyAdmin 4.2.12.0 (2014-11-20)
================================
– Blank/white page when JavaScript disabled
– Multi row actions cause full page reloads
– ReferenceError: targeurl is not defined
– Incorrect text/icon display in Tracking report
– Recordset return from procedure display nothing
– Edit dialog for routines is too long for smaller displays
– JavaScript error after moving a column
– Issue with long comments on table columns
– Input field unnecessarily selected on focus
– Exporting selected rows exports all rows of the query
– No insert statement produced in SQL export for queries with alias
– Field disabled when internal relations used
– [security] XSS through exception stack
– [security] Path traversal can lead to leakage of line count
– [security] XSS vulnerability in table print view
– [security] XSS vulnerability in zoom search page
– [security] Path traversal in file inclusion of GIS factory
– [security] XSS in multi submit
– [security] XSS through pma_fontsize cookie

Leave a Reply