---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Download the free PSI BETA from the Secunia website: https://psi.secunia.com/ ---------------------------------------------------------------------- TITLE: Debian update for phpmyadmin SECUNIA ADVISORY ID: SA26733 VERIFY ADVISORY: http://secunia.com/advisories/26733/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 4.0 http://secunia.com/product/13844/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for phpmyadmin. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. For more information: SA22969 SA24952 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3.dsc Size/MD5 checksum: 604 32ee16f4370604bc150d93c5676fface http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3.diff.gz Size/MD5 checksum: 38520 f27c4b99bbdb3dc13fb71aef99749247 http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2.orig.tar.gz Size/MD5 checksum: 2654418 05e33121984824c43d94450af3edf267 Architecture independent components: http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.6.2-3sarge3_all.deb Size/MD5 checksum: 2769182 00f14fb52a14546e92ece84c16cd249f -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.9.1.1-4.dsc Size/MD5 checksum: 1011 26baccf88fa7d3b00f4802e46d8d0053 http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.9.1.1-4.diff.gz Size/MD5 checksum: 46886 0f377a70b327c65f53ff6895856d18d6 http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.9.1.1.orig.tar.gz Size/MD5 checksum: 3500563 f598509b308bf96aee836eb2338f523c Architecture independent components: http://security.debian.org/pool/updates/main/p/phpmyadmin/phpmyadmin_2.9.1.1-4_all.deb Size/MD5 checksum: 3605594 05f19efce1cb5b31a8f1161a01dbe158 -- Debian GNU/Linux unstable alias sid -- Fixed in version 2.10.1-1. ORIGINAL ADVISORY: http://www.us.debian.org/security/2007/dsa-1370 OTHER REFERENCES: SA22969: http://secunia.com/advisories/22969/ SA24952: http://secunia.com/advisories/24952/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------