UbuntuUpdates.org

Package "ampache"

Name: ampache

Description:

web-based audio file management system
Latest version: 3.6-rzb2779+dfsg-0ubuntu9.2
Release: xenial (16.04)
Level: updates
Repository: universe
Homepage: http://www.ampache.org

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "ampache"

All arch deb package
APT INSTALL

Other versions of "ampache" in Xenial

Repository Area Version
base universe 3.6-rzb2779+dfsg-0ubuntu9
security universe 3.6-rzb2779+dfsg-0ubuntu9.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.6-rzb2779+dfsg-0ubuntu9.2 2021-01-14 22:06:15 UTC

  ampache (3.6-rzb2779+dfsg-0ubuntu9.2) xenial-security; urgency=medium

  * SECURITY UPDATE: SQL Injection and XSS vulnerabilities
    - debian/patches/04_CVE-2019-12385_CVE-2019-12386.patch: Fix search engine
      and the LocalPlay "add instance" functionality.
    - CVE-2019-12385
    - CVE-2019-12386

 -- Paulo Flabiano Smorigo <email address hidden> Tue, 12 Jan 2021 13:26:25 +0000
Source diff to previous version
CVE-2019-12385 An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.clas
CVE-2019-12386 An issue was discovered in Ampache through 3.9.1. A stored XSS exists in the localplay.php LocalPlay "add instance" functionality. The injected code

Version: 3.6-rzb2779+dfsg-0ubuntu9.1 2016-08-11 21:06:35 UTC

  ampache (3.6-rzb2779+dfsg-0ubuntu9.1) xenial; urgency=medium

  * debian/patches/04_rename_error_to_amperror.patch: Backport 'Rename
    Error class to AmpError (fix php7 Error class name conflict)'.
    Closes LP: #1578201.

 -- Nishanth Aravamudan <email address hidden> Fri, 24 Jun 2016 08:21:47 -0700
1578201 ampache does not work on xenial/php7


About   -   Send Feedback to @ubuntu_updates