phpmyadmin: CVE-2015-8669

libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message. This patch is from https://github.com/phpmyadmin/phpmyadmin/commit/c4d649325b25139d7c097e56e2e46cc7187fae45 Signed-off-by: Jian Liu <jian.liu@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
author: Liu Jian <jian.liu@windriver.com> 2016-01-20 17:36:46 +0800
committer: Martin Jansa <Martin.Jansa@gmail.com> 2016-02-01 15:58:04 +0100
commit: 350ad5dd558dc7d4e6d1cb7cf1a55a58d4036924 (patch)
tree: 421239680741b0ab57b5bc0e855931302b74fa39 /meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
parent: b7834b965e032a7a79c345b249c4913aab804247 (diff)
download: meta-openembedded-350ad5dd558dc7d4e6d1cb7cf1a55a58d4036924.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
index 9297d0c23..b8faf1273 100644
--- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
 SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \
           file://Port-content-spoofing-fix-CVE-2015-7873.patch \
-           file://apache.conf"
+           file://apache.conf \
+           file://phpmyadmin-CVE-2015-8669.patch \
+"
 SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"
 SRC_URI[sha256sum] = "d2e90ea486d90b4ebe5eb02d7ad349ad2916c12a8981f98553395ef78d22a8ec"
author	Liu Jian <jian.liu@windriver.com>	2016-01-20 17:36:46 +0800
committer	Martin Jansa <Martin.Jansa@gmail.com>	2016-02-01 15:58:04 +0100
commit	350ad5dd558dc7d4e6d1cb7cf1a55a58d4036924 (patch)
tree	421239680741b0ab57b5bc0e855931302b74fa39 /meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
parent	b7834b965e032a7a79c345b249c4913aab804247 (diff)
download	meta-openembedded-350ad5dd558dc7d4e6d1cb7cf1a55a58d4036924.tar.gz

diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb index 9297d0c23..b8faf1273 100644 --- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
7		7
8	SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \	8	SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \
9	file://Port-content-spoofing-fix-CVE-2015-7873.patch \	9	file://Port-content-spoofing-fix-CVE-2015-7873.patch \
10	file://apache.conf"	10	file://apache.conf \
		11	file://phpmyadmin-CVE-2015-8669.patch \
		12	"
11		13
12	SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"	14	SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"
13	SRC_URI[sha256sum] = "d2e90ea486d90b4ebe5eb02d7ad349ad2916c12a8981f98553395ef78d22a8ec"	15	SRC_URI[sha256sum] = "d2e90ea486d90b4ebe5eb02d7ad349ad2916c12a8981f98553395ef78d22a8ec"