Update Info

openSUSE-2020-405


Security update for phpMyAdmin


Type: security
Severity: moderate
Issued: 2020-03-29
Description:
This update for phpMyAdmin to version 4.9.5 fixes the following issues:

- phpmyadmin was updated to 4.9.5: 

- CVE-2020-10804: Fixed an SQL injection in the user accounts page, 
  particularly when changing a password (boo#1167335 PMASA-2020-2).
- CVE-2020-10802: Fixed an SQL injection in the search feature 
  (boo#1167336 PMASA-2020-3).
- CVE-2020-10803: Fixed an SQL injection and XSS when displaying 
  results (boo#1167337 PMASA-2020-4).
- Removed the "options" field for the external transformation.


              

Packages


  • phpMyAdmin-4.9.5-43.1