Hello community, here is the log from the commit of package patchinfo.5278 for openSUSE:13.2:Update checked in at 2016-06-28 19:06:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/patchinfo.5278 (Old) and /work/SRC/openSUSE:13.2:Update/.patchinfo.5278.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.5278" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="5278"> <issue id="986154" tracker="bnc">VUL-0: phpMyAdmin: new releases June 2016</issue> <issue id="2016-5706" tracker="cve" /> <issue id="2016-5733" tracker="cve" /> <issue id="2016-5731" tracker="cve" /> <issue id="2016-5705" tracker="cve" /> <issue id="2016-5703" tracker="cve" /> <issue id="2016-5701" tracker="cve" /> <issue id="2016-5730" tracker="cve" /> <issue id="2016-5739" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>computersalat</packager> <description>phpMyAdmin was updated to version 4.4.15.7 to fix eight security issues. These security issues were fixed: - CVE-2016-5701: BBCode injection vulnerability (boo#986154) - CVE-2016-5703: SQL injection attack (boo#986154) - CVE-2016-5705: Multiple XSS vulnerabilities (boo#986154) - CVE-2016-5706: DOS attack (boo#986154) - CVE-2016-5730: Multiple full path disclosure vulnerabilities (boo#986154) - CVE-2016-5731: XSS through FPD (boo#986154) - CVE-2016-5733: Multiple XSS vulnerabilities (boo#986154) - CVE-2016-5739: Referrer leak in transformations (boo#986154) This non-security issues was fixed: - Fix issue Setup script doesn't use input type 'password' in all relevant locations </description> <summary>Security update for phpMyAdmin</summary> </patchinfo>