Ubuntu
phpmyadmin package

When will the patch be available?

Asked by kedmanee

Since 2009-10-13 is a security update announced, fixing XSS and SQL injection vulnerabilities This is categorized as serious.
When will the update avail in the common package system?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu phpmyadmin Edit question
Assignee:
No assignee Edit question
Solved by:
kedmanee
Solved:
Last query:
Last reply:
Revision history for this message
kedmanee (kedmanee) said : 		#1

I should mention it's for a 9.04 server system.

Revision history for this message
Simon Déziel (sdeziel) said : 		#2

Phpmyadmin is part of the universe repository so it's maintained buy the community. You can take a look at the changelog on that page http://packages.ubuntu.com/jaunty/phpmyadmin

The last version date from 05 Jul 2009. You can wait for someone make the update or ask for it. The better would be that you help the maintainer to produce the package.

It's only a tip but you should never have your phpmyadmin publicly accessible. This WebGUI is nice for management but it's security record is awful.

Revision history for this message
kedmanee (kedmanee) said : 		#3

I made settings in the HTTP-Server to deny requests from "outside".
The service can now reached only from LAN.