openSUSE Security Update : phpMyAdmin (openSUSE-2017-1421)
High Nessus Plugin ID 105504
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for phpMyAdmin to version 4.7.7 fixes a security issue and bugs. The following vulnerability was fixed :
- By deceiving a user to click on a crafted URL, it was possible to perform harmful database operations (bsc#1074066, PMASA-2017-09)
This update also contains all upstream improvements and bugfixes in version 4.7.7 :
- various display and UI fixes
- PHP error fixes
- Improved deteciton of MySQL server needing SSL connections
- Support JSON datatype on MariaDB 10.2.7 and newer
- Fix constructing ALTER query with AFTER
- Fix changing password on MariaDB cluster
SolutionUpdate the affected phpMyAdmin package.