From 9167cec3d6f2ae63b3a407d70eb5137c19b993a7 Mon Sep 17 00:00:00 2001 From: Roy Li Date: Thu, 30 Oct 2014 13:37:26 +0800 Subject: phpmyadmin: fix for Security Advisory CVE-2014-5274 Cross-site scripting (XSS) vulnerability in the view operations page in phpMyAdmin 4.1.x before 4.1.14.3 and 4.2.x before 4.2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted view name, related to js/functions.js. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5274 Signed-off-by: Roy Li Signed-off-by: Armin Kuster --- ...4505-security-XSS-in-view-operations-page.patch | 43 ++++++++++++++++++++++ .../recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb | 1 + 2 files changed, 44 insertions(+) create mode 100644 meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4505-security-XSS-in-view-operations-page.patch diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4505-security-XSS-in-view-operations-page.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4505-security-XSS-in-view-operations-page.patch new file mode 100644 index 000000000..164a072ef --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4505-security-XSS-in-view-operations-page.patch @@ -0,0 +1,43 @@ +From 0cd293f5e13aa245e4a57b8d373597cc0e421b6f Mon Sep 17 00:00:00 2001 +From: Madhura Jayaratne +Date: Sun, 17 Aug 2014 08:41:57 -0400 +Subject: [PATCH] bug #4505 [security] XSS in view operations page + +Upstream-Status: Backport + +Signed-off-by: Marc Delisle +--- + ChangeLog | 3 +++ + js/functions.js | 2 +- + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/ChangeLog b/ChangeLog +index 7afac1a..cec9d77 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,6 +1,9 @@ + phpMyAdmin - ChangeLog + ====================== + ++4.2.7.1 (2014-08-17) ++- bug #4505 [security] XSS in view operations page ++ + 4.2.7.0 (2014-07-31) + - bug Broken links on home page + - bug #4494 Overlap in navigation panel +diff --git a/js/functions.js b/js/functions.js +index 09bfeda..a970a81 100644 +--- a/js/functions.js ++++ b/js/functions.js +@@ -3585,7 +3585,7 @@ AJAX.registerOnload('functions.js', function () { + var question = PMA_messages.strDropTableStrongWarning + ' '; + question += $.sprintf( + PMA_messages.strDoYouReally, +- 'DROP VIEW ' + PMA_commonParams.get('table') ++ 'DROP VIEW ' + escapeHtml(PMA_commonParams.get('table')) + ); + + $(this).PMA_confirm(question, $(this).attr('href'), function (url) { +-- +1.7.10.4 + diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb index c267d8962..447b77884 100644 --- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb @@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=eb723b61539feef013de476e68b5c50a \ SRC_URI = "${SOURCEFORGE_MIRROR}/phpmyadmin/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \ file://0001-bug-4504-security-Self-XSS-in-query-charts.patch \ + file://0001-bug-4505-security-XSS-in-view-operations-page.patch \ file://apache.conf" SRC_URI[md5sum] = "0dcd755450dac819f33502590c88ad29" -- cgit v1.2.3-54-g00ecf