[Bug 388885] New: phpmyadmin block root access is password contain a &
https://bugzilla.novell.com/show_bug.cgi?id=388885 Summary: phpmyadmin block root access is password contain a & Product: openSUSE 10.3 Version: Final Platform: x86-64 OS/Version: openSUSE 10.3 Status: NEW Severity: Major Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: brunofr@ioda.net QAContact: qa@suse.de Found By: Consulting Version phpMyAdmin-2.11.0-14.2 on openSUSE 10.3 Here root password for mysql contain some extra characters like !%& and so. Customer have spend a three hours before founding this bug. Extra characters work like a charm with other mysql tools (mysqladmin, mysql etc) During a short period we change the password for to ascii one and everything work like a charm. Should be changed quickly if it exist also in openSUSE 11.0 I've test the lastest phpmyadmin 2.11.6 (also for security update) and it works. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=388885 User crrodriguez@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=388885#c1 Cristian Rodriguez <crrodriguez@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |crrodriguez@novell.com AssignedTo|bnc-team-screening@forge.provo.novell.com |crrodriguez@novell.com Status|NEW |ASSIGNED --- Comment #1 from Cristian Rodriguez <crrodriguez@novell.com> 2008-05-09 12:39:08 MST --- Ok, I will check it out. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=388885 Cristian Rodriguez <crrodriguez@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Major |Normal Priority|P5 - None |P4 - Low -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=388885 User crrodriguez@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=388885#c2 Cristian Rodriguez <crrodriguez@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |WONTFIX --- Comment #2 from Cristian Rodriguez <crrodriguez@novell.com> 2008-07-07 10:27:29 MDT --- If not fixed in 11.1 , please reopen this bug, not critical enough to release a fix for this. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=388885 User brunofr@ioda.net added comment https://bugzilla.novell.com/show_bug.cgi?id=388885#c3 Bruno Friedmann <brunofr@ioda.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WONTFIX | --- Comment #3 from Bruno Friedmann <brunofr@ioda.net> 2008-07-07 11:40:56 MDT --- Two month for a non issue result ! Bouaah. Wont fix isn't a real way to produce great distribution and software. phpmyadmin is one of the most used web-application. If suse offer an rpm. this one should or best have to follow security-fix ! So this bug leave installed opensuse system open at maximum risk. Why publishing security kernel, cups and other fix in this case ? I don't want to see one of my customer failing down due to this .. after they would ask me to install wind.. or ubuntu. ( No thanks ! ) I'm totaly disagree with your or novell's way to act with this particular point. I leave the bug open, if it's fix soon, we can close it otherwise not ! That's the way thing are really going better. Ps : two month later there's other security fixes ... Are they back ported ? http://www.phpmyadmin.net/home_page/security.php The other "wrong" way is to open a openbuild repository, and opensuse would become the "big bazar". Really is there any valid reason to not consider, and update the package ? With my best regards. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=388885 User crrodriguez@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=388885#c4 Cristian Rodriguez <crrodriguez@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |WONTFIX --- Comment #4 from Cristian Rodriguez <crrodriguez@novell.com> 2008-07-07 14:17:50 MDT --- (In reply to comment #3 from Bruno Friedmann)
Why publishing security kernel, cups and other fix in this case ?
Because those are security problems, or critical bugs.
Ps : two month later there's other security fixes ... Are they back ported ? http://www.phpmyadmin.net/home_page/security.php
There will be an security fix only update to address some of those bugs. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com