openSUSE Security Update: phpMyAdmin: update to 4.1.8 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2014:0344-1 Rating: moderate References: #864917 Cross-References: CVE-2014-1879 Affected Products: openSUSE 13.1 openSUSE 12.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: phpMyAdmin was updated to 4.1.8 to fix bugs, security issues and also bring new features. Fixed security issue: * PMASA-2014-1 ( CVE-2014-1879, CWE-661 CWE-79) - update to 4.1.8 (2014-02-22) * sf#4276 Login loop on session expiry * sf#4249 Incorrect number of result rows for SQL with subqueries * sf#4275 Broken Link to php extension manual * sf#4053 List of procedures is not displayed after executing with Enter * sf#4081 Setup page content shifted to the right edge of its tabs * sf#4284 Reordering a column erases comments for other columns * sf#4286 Open "Browse" in a new tab * sf#4287 Printview - Always one column too much * sf#4288 Expand database (+ icon) after timeout doesn't do anything * sf#4285 Fixed CSS for setup * Fixed altering table to DOUBLE/FLOAT field * sf#4292 Success message and failure message being shown together * sf#4293 opening new tab (using selflink) for import.php based actions results in error and logout Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch openSUSE-2014-193 - openSUSE 12.3: zypper in -t patch openSUSE-2014-193 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (noarch): phpMyAdmin-4.1.8-4.1 - openSUSE 12.3 (noarch): phpMyAdmin-4.1.8-1.12.1 References: http://support.novell.com/security/cve/CVE-2014-1879.html https://bugzilla.novell.com/864917