{"affected":[{"ecosystem_specific":{"binaries":[{"phpMyAdmin":"4.9.0.1-bp151.3.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP1","name":"phpMyAdmin","purl":"pkg:rpm/suse/phpMyAdmin&distro=SUSE%20Package%20Hub%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.9.0.1-bp151.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for phpMyAdmin fixes the following issues:\n\nphpMyAdmin was updated to 4.9.0.1:\n\n* Several issues with SYSTEM VERSIONING tables\n* Fixed json encode error in export\n* Fixed JavaScript events not activating on input (sql bookmark issue)\n* Show Designer combo boxes when adding a constraint\n* Fix edit view\n* Fixed invalid default value for bit field\n* Fix several errors relating to GIS data types\n* Fixed javascript error PMA_messages is not defined\n* Fixed import XML data with leading zeros\n* Fixed php notice, added support for 'DELETE HISTORY' table privilege (MariaDB >= 10.3.4)\n* Fixed MySQL 8.0.0 issues with GIS display\n* Fixed 'Server charset' in 'Database server' tab showing wrong information\n* Fixed can not copy user on Percona Server 5.7\n* Updated sql-parser to version 4.3.2, which fixes several parsing and linting problems\n\n- boo#1137497 / PMASA-2019-4 / CVE-2019-12616 / CWE-661: Fixed CSRF vulnerability in login form\n  https://www.phpmyadmin.net/security/PMASA-2019-4/\n\n- boo#1137496 / PMASA-2019-3 / CVE-2019-11768 / CWE-661: Fixed SQL injection in Designer feature\n  https://www.phpmyadmin.net/security/PMASA-2019-3/\n\n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.","id":"openSUSE-SU-2019:1861-1","modified":"2019-08-13T15:43:36Z","published":"2019-08-13T15:43:36Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4YMTXBTTCUB3CMXGIV7WXLEVETID7QRZ/#4YMTXBTTCUB3CMXGIV7WXLEVETID7QRZ"},{"type":"REPORT","url":"https://bugzilla.suse.com/1137496"},{"type":"REPORT","url":"https://bugzilla.suse.com/1137497"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11768"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-12616"}],"related":["CVE-2019-11768","CVE-2019-12616"],"summary":"Security update for phpMyAdmin","upstream":["CVE-2019-11768","CVE-2019-12616"]}