Changelog
adminer (4.7.1-1+deb10u1) buster; urgency=medium
* provide a compiled version and configuration files (Closes: #952755)
* privacy: default to disable check for new version
* Backport security patch series from upstream:
- Fix open redirect if Adminer is accessible at //adminer.php%2F@
- Fix XSS if Adminer is accessible at URL /data
- CVE-2020-35572: Fix XSS in browsers which don't encode URL parameters
- CVE-2021-21311: Elasticsearch: Do not print response if HTTP code is
not 200
- CVE-2021-29625: XSS in doc_link
-- Alexandre Rossi <email address hidden> Wed, 26 May 2021 09:06:37 +0200