openSUSE Security Update: Security update for phpMyAdmin ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:1059-1 Rating: moderate References: #1090309 Cross-References: CVE-2018-10188 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for phpMyAdmin to version 4.8.0.1 fixes the following issues: - CVE-2018-10188: Possible execution of arbitrary SQL statements via manipulated URLs (boo#1090309) This version also contains a number of upstream changes, improvements, new functions and bug fixes. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2018-387=1 Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (noarch): phpMyAdmin-4.8.0.1-20.1 References: https://www.suse.com/security/cve/CVE-2018-10188.html https://bugzilla.suse.com/1090309