SUSE Package Hub - openSUSE-2018-387

Update Info

openSUSE-2018-387

Security update for phpMyAdmin

Type: security

Severity: moderate

Issued: 2018-04-23

Description:

This update for phpMyAdmin to version 4.8.0.1 fixes the following issues:

- CVE-2018-10188: Possible execution of arbitrary SQL statements via manipulated URLs (boo#1090309)

This version also contains a number of upstream changes, improvements, new functions and bug fixes.

References

CVE: CVE-2018-10188
Bugzilla: 1090309 VUL-0: CVE-2018-10188: phpMyAdmin: CSRF, allowing an attacker to executearbitrary SQL statements, related to js/db_operations.js, js/tbl_operations.js,libraries/classes/Operations.php, and sql.php.

Packages

phpMyAdmin-4.8.0.1-20.1