[SECURITY] [DLA 2024-1] phpmyadmin security update

2019-12-08T12:49:20
ID DEBIAN:DLA-2024-1:A035F
Type debian
Reporter Debian
Modified 2019-12-08T12:49:20

Description

Package : phpmyadmin Version : 4:4.2.12-2+deb8u7 CVE ID : CVE-2019-19617

phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/display_git_revision.lib.php and libraries/Footer.class.php.

For Debian 8 "Jessie", this issue has been fixed in phpmyadmin version 4:4.2.12-2+deb8u7. This upload was prepared by Utkarsh Gupta <guptautkarsh2102@gmail.com>

We recommend that you upgrade your phpmyadmin packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Regards,


  ,&#x27;&#x27;`.
 : :&#x27;  :     Chris Lamb
 `. `&#x27;`      lamby@debian.org / chris-lamb.co.uk
   `-