MGASA-2017-0471
- Source
- https://advisories.mageia.org/MGASA-2017-0471.html
- Import Source
- https://advisories.mageia.org/MGASA-2017-0471.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2017-0471
- Published
- 2017-12-28T13:16:56Z
- Modified
- 2026-04-16T04:27:09.930404Z
- Summary
- Updated phpmyadmin packages fix security vulnerability
- Details
-
Due to an XSRF/CSRF vulnerability in phpMyAdmin before 4.7.7, by deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc (PMASA-2017-9).
The phpmyadmin package has been updated to version 4.7.7 to fix this issue and other bugs.
Note that phpMyAdmin 4.4.x in Mageia 5 is no longer supported. Users of the phpmyadmin package should upgrade to Mageia 6.
- References
-
- https://advisories.mageia.org/MGASA-2017-0471.html
- https://bugs.mageia.org/show_bug.cgi?id=22263
- https://www.phpmyadmin.net/security/PMASA-2017-9/
- https://www.phpmyadmin.net/files/4.7.2/
- https://www.phpmyadmin.net/files/4.7.3/
- https://www.phpmyadmin.net/files/4.7.4/
- https://www.phpmyadmin.net/files/4.7.5/
- https://www.phpmyadmin.net/files/4.7.6/
- https://www.phpmyadmin.net/files/4.7.7/
- https://www.phpmyadmin.net/news/2017/12/23/phpmyadmin-477-released/
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:6 / phpmyadmin
Package
- Name
- phpmyadmin
- Purl
- pkg:rpm/mageia/phpmyadmin?arch=source&distro=mageia-6