openSUSE-SU-2019:1689-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:1689-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-SU-2019:1689-1
Related
Published
2019-07-02T05:41:54Z
Modified
2019-07-02T05:41:54Z
Summary
Security update for phpMyAdmin
Details

This update for phpMyAdmin fixes the following issues:

phpMyAdmin was updated to 4.9.0.1:

  • Several issues with SYSTEM VERSIONING tables
  • Fixed json encode error in export
  • Fixed JavaScript events not activating on input (sql bookmark issue)
  • Show Designer combo boxes when adding a constraint
  • Fix edit view
  • Fixed invalid default value for bit field
  • Fix several errors relating to GIS data types
  • Fixed javascript error PMA_messages is not defined
  • Fixed import XML data with leading zeros
  • Fixed php notice, added support for 'DELETE HISTORY' table privilege (MariaDB >= 10.3.4)
  • Fixed MySQL 8.0.0 issues with GIS display
  • Fixed 'Server charset' in 'Database server' tab showing wrong information
  • Fixed can not copy user on Percona Server 5.7

  • Updated sql-parser to version 4.3.2, which fixes several parsing and linting problems

  • boo#1137497 / PMASA-2019-4 / CVE-2019-12616 / CWE-661: Fixed CSRF vulnerability in login form https://www.phpmyadmin.net/security/PMASA-2019-4/

  • boo#1137496 / PMASA-2019-3 / CVE-2019-11768 / CWE-661: Fixed SQL injection in Designer feature https://www.phpmyadmin.net/security/PMASA-2019-3/

References

Affected packages

SUSE:Package Hub 12 / phpMyAdmin

Package

Name
phpMyAdmin
Purl
pkg:rpm/suse/phpMyAdmin&distro=SUSE%20Package%20Hub%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.9.0.1-bp150.31.1

Ecosystem specific 

{
    "binaries": [
        {
            "phpMyAdmin": "4.9.0.1-bp150.31.1"
        }
    ]
}

SUSE:Package Hub 15 / phpMyAdmin

Package

Name
phpMyAdmin
Purl
pkg:rpm/suse/phpMyAdmin&distro=SUSE%20Package%20Hub%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.9.0.1-bp150.31.1

Ecosystem specific 

{
    "binaries": [
        {
            "phpMyAdmin": "4.9.0.1-bp150.31.1"
        }
    ]
}

openSUSE:Leap 15.0 / phpMyAdmin

Package

Name
phpMyAdmin
Purl
pkg:rpm/opensuse/phpMyAdmin&distro=openSUSE%20Leap%2015.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.9.0.1-bp150.31.1

Ecosystem specific 

{
    "binaries": [
        {
            "phpMyAdmin": "4.9.0.1-bp150.31.1"
        }
    ]
}

openSUSE:Leap 15.1 / phpMyAdmin

Package

Name
phpMyAdmin
Purl
pkg:rpm/opensuse/phpMyAdmin&distro=openSUSE%20Leap%2015.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.9.0.1-bp150.31.1

Ecosystem specific 

{
    "binaries": [
        {
            "phpMyAdmin": "4.9.0.1-bp150.31.1"
        }
    ]
}