The branch, master has been updated via eba8989fad267c75cf0921aab77bbb038dca3fc2 (commit) from 1dba678617085aed739e65fad249327c4290680e (commit)

- Log ----------------------------------------------------------------- commit eba8989fad267c75cf0921aab77bbb038dca3fc2 Author: Marc Delisle marc@infomarc.info Date: Mon Nov 29 12:53:44 2010 -0500

PMASA-2010-8

-----------------------------------------------------------------------

Summary of changes: templates/security/{PMASA-2010-7 => PMASA-2010-8} | 23 +++++++++----------- 1 files changed, 10 insertions(+), 13 deletions(-) copy templates/security/{PMASA-2010-7 => PMASA-2010-8} (54%)

diff --git a/templates/security/PMASA-2010-7 b/templates/security/PMASA-2010-8 similarity index 54% copy from templates/security/PMASA-2010-7 copy to templates/security/PMASA-2010-8 index 105dcf5..29bd1a1 100644 --- a/templates/security/PMASA-2010-7 +++ b/templates/security/PMASA-2010-8 @@ -1,19 +1,19 @@ <html xmlns:py="http://genshi.edgewall.org/" xmlns:xi="http://www.w3.org/2001/XInclude" py:strip="">

<py:def function="announcement_id"> -PMASA-2010-7 +PMASA-2010-8 </py:def>

<py:def function="announcement_date"> -2010-09-08 +2010-11-29 </py:def>

<py:def function="announcement_summary"> -XSS attack on setup script. +XSS attack in database search. </py:def>

<py:def function="announcement_description"> -It was possible to conduct a XSS attack using spoofed request to setup script. +It was possible to conduct a XSS attack using spoofed request on the db search script. </py:def>

<py:def function="announcement_severity"> @@ -21,25 +21,22 @@ We consider this vulnerability to be non critical. </py:def>

<py:def function="announcement_affected"> -For 3.x: versions before 3.3.7 are affected. -</py:def> - -<py:def function="announcement_unaffected"> -Branch 2.11.x is not affected by this. +For 3.x: versions before 3.3.8.1 are affected. For 2.11.x: versions before 2.11.11.1 are affected. </py:def>

<py:def function="announcement_solution"> -Upgrade to phpMyAdmin 3.3.7 or newer or apply patch listed below. +Upgrade to phpMyAdmin 3.3.8.1 or newer, or 2.11.11.1 if using the 2.11.x family. You can also apply the patch listed below. </py:def>

<py:def function="announcement_references"> -Thanks to <a href="http://tenable.com/">Tenable Network Security</a> for reporting this issue. +Thanks to Alexander Opitz for reporting this issue. </py:def>

-<py:def function="announcement_cve">CVE-2010-3263</py:def> +<py:def function="announcement_cve">CVE-2010-4329</py:def>

<py:def function="announcement_commits"> -73ce5705bd1e0b62060f75702d62f88247ce09dd +4341818d73d454451f024950a4ce0141608ac7f8 +e1f4901ffc400b6d2df15eac0ba5015fe48a27c4 </py:def>

<xi:include href="_page.tpl" />

hooks/post-receive