Author: djoume-guest Date: 2005-02-18 13:28:21 +0100 (Fri, 18 Feb 2005) New Revision: 442 Modified: sarge-checks/CAN/list Log: * update phpmyadmin Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-02-18 11:32:09 UTC (rev 441) +++ sarge-checks/CAN/list 2005-02-18 12:28:21 UTC (rev 442) @@ -7,7 +7,9 @@ CAN-2005-0460 (index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to ...) NOTE: not-for-us (MercuryBoard) CAN-2005-0459 (phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote ...) - NOTE: not sure if this is really a security issue, I have mailed maintainer. + NOTE: From maintainer Piotr Roszatycki <Piotr_Roszatycki@netia.net.pl> : + NOTE: I think it is not a problem on Debian as far as everybody knows the full + NOTE: path of phpMyAdmin is /usr/share/phpmyadmin. CAN-2005-0458 (Cross-site scripting (XSS) vulnerability in contact_us.php in ...) NOTE: not-for-us (oscommerce) CAN-2005-0457 (Opera 7.54 and earlier on Gentoo Linux uses an insecure path for ...)