[Phpmyadmin-devel] Re: Security announcements

Marc Delisle Marc.Delisle at cegepsherbrooke.qc.ca
Wed Nov 23 23:20:01 CET 2005

Michal Čihař a écrit :
> On Wed 23. 11. 2005 22:51, Marc Delisle wrote:
>>I counted 2 others, so I issued an alert for those 3 problems.
> We should also handle in same announcement the new one I sent recently. 
> It looks to me like it is still not fixed...

The one from debian? I think you fixed it with
* libraries/.htaccess: Deny access to libraries folder over HTTP.

But I would put it in a new announcement, along with the one concerning 
HTTP_HOST, since they are both fixed in 2.7.0.

>>Regarding the new one you just fixed, was it present in 2.6.4?
> You mean the HTTP_HOST issue? Yes it is, related code is commented to be 
> from 2001/25/11...

Instead of a backport to QA_2_6_4, I suggest to wait for 2.7.0's release for an 


More information about the Developers mailing list