[3.5] phpmyadmin: Multiple issues (CVE-2016-5702, CVE-2016-5704, CVE-2016-5732)
CVE-2016-5702: Cookie attribute injection attack
Affected Versions
All 4.6.x versions (prior to 4.6.3) are affected
Upgrade to phpMyAdmin 4.6.3 or newer
Reference:
https://www.phpmyadmin.net/security/PMASA-2016-18/
CVE-2016-5704: XSS on table structure page
Affected Versions
All 4.6.x versions (prior to 4.6.3) are affected
Upgrade to phpMyAdmin 4.6.3 or newer.
Reference:
https://www.phpmyadmin.net/security/PMASA-2016-20/
CVE-2016-5732: XSS in partition range functionality
Affected Versions
All 4.6.x versions (prior to 4.6.3) are affected
Upgrade to phpMyAdmin 4.6.3 or newer
Reference:
https://www.phpmyadmin.net/security/PMASA-2016-25/
(from redmine: issue id 5840, created on 2016-06-29, closed on 2016-07-07)
- Relations:
- parent #5839 (closed)
- Changesets:
- Revision b7fe9707 on 2016-07-05T09:53:39Z:
main/phpmyadmin: security upgrade to 4.6.3
Fixes #5834
Fixes #5840