UbuntuUpdates.org

Package "phpliteadmin"

Name: phpliteadmin

Description:

web-based SQLite database admin tool

Latest version: 1.9.7.1-1ubuntu0.3
Release: bionic (18.04)
Level: updates
Repository: universe
Homepage: https://www.phpliteadmin.org/

Links


Download "phpliteadmin"


Other versions of "phpliteadmin" in Bionic

Repository Area Version
security universe 1.9.7.1-1ubuntu0.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.9.7.1-1ubuntu0.3 2022-08-08 12:06:21 UTC

  phpliteadmin (1.9.7.1-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: cross-site scripting (LP: #1964710)
    - debian/patches/Fix-post-num-XSS.patch:
      Forcibly cast input value to integer. Original fix.
    - CVE-2021-46709
  * Update PHP version to 7.2 in a directive comment for a2enconf(8).

 -- Nicholas Guriev <email address hidden> Sun, 22 May 2022 22:24:22 +0300

Source diff to previous version
1964710 XSS vulnerability in row_create
CVE-2021-46709 phpLiteAdmin through 1.9.8.2 allows XSS via the index.php newRows parameter (aka num or number).

Version: 1.9.7.1-1ubuntu0.1 2018-05-02 00:06:41 UTC

  phpliteadmin (1.9.7.1-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: authentication bypass (LP: #1767723)
    - debian/patches/Fix-authentication-bypass.patch:
      replace == with === in password comparation in
      classes/Authorization.php. Based on upstream commit
    - CVE-2018-10362

 -- Nicholas Guriev <email address hidden> Sat, 28 Apr 2018 00:14:25 +0300

1767723 CVE-2018-10362: Authentication bypass
CVE-2018-10362 An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with '==' instead of '===' in classes/Authorization.php for th



About   -   Send Feedback to @ubuntu_updates