oss-sec mailing list archives
CVE Request -- phpMyAdmin 3.5.8.2 and 4.0.4.2 are released
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 29 Jul 2013 13:42:41 -0400 (EDT)
Hello Kurt, Steve, phpMyAdmin security team, vendors, phpMyAdmin upstream has recently released 3.5.8.2 and 4.0.4.2 of phpMyAdmin administration too: [1] http://www.phpmyadmin.net/home_page/news.php#phpMyAdmin_3.5.8.2_and_4.0.4.2_are_released correcting multiple security flaws (PMASA-2013-10.php is reserved for future use, see [1]): * http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php * http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php * http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php * http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php * http://www.phpmyadmin.net/home_page/security/PMASA-2013-13.php * http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php * http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php Doesn't look CVE identifiers have been already allocated to these? Could you assign them? (Cc-ing phpMyAdmin security team to confirm these weren't assigned yet [and Mitre's CVE assigning department since having an impression, we have previously discussed this and the conclusion was Mitre CVE department will assign them {but maybe it wasn't case of phpMyAdmin, not sure right now}]). Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- phpMyAdmin 3.5.8.2 and 4.0.4.2 are released Jan Lieskovsky (Jul 29)
- Re: CVE Request -- phpMyAdmin 3.5.8.2 and 4.0.4.2 are released cve-assign (Jul 29)
- Re: CVE Request -- phpMyAdmin 3.5.8.2 and 4.0.4.2 are released cve-assign (Jul 29)
- Re: Re: CVE Request -- phpMyAdmin 3.5.8.2 and 4.0.4.2 are released Jan Lieskovsky (Jul 30)
- Re: [Phpmyadmin-security] [oss-security] Re: CVE Request -- phpMyAdmin 3.5.8.2 and 4.0.4.2 are released Dieter Adriaenssens (Jul 30)
- Re: Re: CVE Request -- phpMyAdmin 3.5.8.2 and 4.0.4.2 are released Jan Lieskovsky (Jul 30)