[Phpmyadmin-git] [SCM] phpMyAdmin website branch, master, updated. b5731f4ca159230c34db6ce111617ca27b1b2867
Marc Delisle
lem9 at users.sourceforge.net
Sun Jul 3 13:02:56 CEST 2011
The branch, master has been updated
via b5731f4ca159230c34db6ce111617ca27b1b2867 (commit)
from 70b2a9718589eb4b040a5ac67de91fceff4930e8 (commit)
- Log -----------------------------------------------------------------
commit b5731f4ca159230c34db6ce111617ca27b1b2867
Author: Marc Delisle <marc at infomarc.info>
Date: Sun Jul 3 07:02:15 2011 -0400
This syntax confuses render.py
-----------------------------------------------------------------------
Summary of changes:
templates/security/PMASA-2011-6 | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/templates/security/PMASA-2011-6 b/templates/security/PMASA-2011-6
index 2a258e5..c06ba98 100644
--- a/templates/security/PMASA-2011-6
+++ b/templates/security/PMASA-2011-6
@@ -16,7 +16,7 @@ Possible code injection in setup script in case session variables are compromise
<py:def function="announcement_description">
An unsanitized key from the Servers array is written in a comment of the generated config.
-An attacker can modify this key by modifying the $_SESSION array.
+An attacker can modify this key by modifying the SESSION superglobal array.
This allows the attacker to close the comment and inject code.
</py:def>
hooks/post-receive
--
phpMyAdmin website
More information about the Git
mailing list