Fedora 27 : php-phpmyadmin-motranslator / php-phpmyadmin-sql-parser / etc (2018-a1650ed14f)

Low Nessus Plugin ID 107010


The remote Fedora host is missing one or more security updates.


From upstream announcement :

**Security fix: phpMyAdmin 4.7.8 is released**

Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes.

The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya https://www.linkedin.com/in/mayur-udiniya-09247b129/ for finding and responsibly disclosing this flaw.

We recommend all users upgrade to resolve this security problem.

A complete list of new features and bugs that have been fixed is available in the ChangeLog file or changelog.php included with this release.

Notable changes since 4.7.7 :

- Fixed error handling with PHP 7.2

- Fixed resetting default setting values

- Fixed fallback value for collation connection

Additionally, there have been continuous improvements to many of the translations. If you don't see your language or find a problem, you can contribute too; see https://www.phpmyadmin.net/translate/ for details.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected php-phpmyadmin-motranslator, php-phpmyadmin-sql-parser and / or phpMyAdmin packages.

See Also





Plugin Details

Severity: Low

ID: 107010

File Name: fedora_2018-a1650ed14f.nasl

Version: 3.3

Type: local

Agent: unix

Published: 2018/02/27

Modified: 2018/03/12

Dependencies: 12634

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS v3.0

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php-phpmyadmin-motranslator, p-cpe:/a:fedoraproject:fedora:php-phpmyadmin-sql-parser, p-cpe:/a:fedoraproject:fedora:phpMyAdmin, cpe:/o:fedoraproject:fedora:27

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2018/02/26

Reference Information

CVE: CVE-2018-7260