[3.9] phpmyadmin: Multiple vulnerabilities (CVE-2019-6798, CVE-2019-6799)
CVE-2019-6798: SQL injection in Designer feature
Affected Versions:
phpMyAdmin versions from 4.5.0 through 4.8.4 are affected.
Fixed In Version:
phpMyAdmin 4.8.5
Reference:
https://www.phpmyadmin.net/security/PMASA-2019-2/
CVE-2019-6799: Arbitrary file read vulnerability
Affected Versions:
phpMyAdmin versions from at least 4.0 through 4.8.4 are affected.
Fixed In Version:
phpMyAdmin 4.8.5
Reference:
https://www.phpmyadmin.net/security/PMASA-2019-1/
(from redmine: issue id 10101, created on 2019-03-13, closed on 2019-03-19)
- Changesets:
- Revision b6bc53c8 by Francesco Colista on 2019-03-17T18:53:35Z:
community/phpmyadmin: security fixes
CVE-2019-6798, CVE-2019-6799
fixes #10101