Fedora 26 : php-phpmyadmin-motranslator / php-phpmyadmin-sql-parser / etc (2018-147d33439c)
Low Nessus Plugin ID 107107
SynopsisThe remote Fedora host is missing one or more security updates.
DescriptionFrom upstream announcement :
**Security fix: phpMyAdmin 4.7.8 is released**
Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes.
The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya https://www.linkedin.com/in/mayur-udiniya-09247b129/ for finding and responsibly disclosing this flaw.
We recommend all users upgrade to resolve this security problem.
A complete list of new features and bugs that have been fixed is available in the ChangeLog file or changelog.php included with this release.
Notable changes since 4.7.7 :
- Fixed error handling with PHP 7.2
- Fixed resetting default setting values
- Fixed fallback value for collation connection
Additionally, there have been continuous improvements to many of the translations. If you don't see your language or find a problem, you can contribute too; see https://www.phpmyadmin.net/translate/ for details.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected php-phpmyadmin-motranslator, php-phpmyadmin-sql-parser and / or phpMyAdmin packages.