SUSE Package Hub - openSUSE-2023-154

Update Info

openSUSE-2023-154

Security update for phpMyAdmin

Type: security

Severity: moderate

Issued: 2023-06-27

Description:

This update for phpMyAdmin fixes the following issues:

Update to 4.9.11:

- CVE-2023-25727: Fixed XSS vulnerability in drag-and-drop upload (boo#1208186).

References

CVE: CVE-2023-25727
CVE: CVE-2022-23807
Bugzilla: 1208186 VUL-0: CVE-2023-25727: phpMyAdmin: XSS vulnerability in drag-and-drop upload
Bugzilla: 1195017 VUL-1: CVE-2022-23807: phpMyAdmin: Two factor authentication bypass (PMASA-2022-1)
Bugzilla: 1170743 phpMyAdmin installation wipes it's sysconfig apache_server_flag entry
Bugzilla: 1092345 phpMyAdmin installs into /srv

Packages

phpMyAdmin-4.9.11-bp153.2.6.1