phpMyAdmin 2.6.4-pl2 security patch

[l0rdphi1]

phpMyAdmin 2.6.4-pl2 was released today, to fix a security problem.

Security alert:
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-4

Updated with:

#!/bin/sh

cd /var/www/html

VERSION=2.6.4-pl2

wget aleron.dl.sf.net/sourceforge/phpmyadmin/phpMyAdmin-$VERSION.tar.gz
tar xzf phpMyAdmin-$VERSION.tar.gz
rm -rf phpMyAdmin phpMyAdmin-$VERSION.tar.gz

find phpMyAdmin-$VERSION -type f -exec chmod 640 {} \;
find phpMyAdmin-$VERSION -type d -exec chmod 750 {} \;
chown -R apache:apache phpMyAdmin-$VERSION
ln -s phpMyAdmin-$VERSION phpMyAdmin

perl -pi -e 's/(..auth_type..\s*=\s*.)config/${1}http/' phpMyAdmin/config.inc.php
perl -pi -e 's/(PmaNoRelation_DisableWarning..\s*=\s*)FALSE/${1}TRUE/' phpMyAdmin/config.inc.php

exit 0

 

[ju5t]

Thanks for sharing

 

[Titam]

Thank you

for the script,

replace

rm -f phpMyAdmin phpMyAdmin-$VERSION.tar.gz

by

rm -rf phpMyAdmin phpMyAdmin-$VERSION.tar.gz

otherwise, i had a message on my FC3 who says i cannot delete this folder.

 

[l0rdphi1]

Thank you

for the script,

replace

rm -f phpMyAdmin phpMyAdmin-$VERSION.tar.gz

by

rm -rf phpMyAdmin phpMyAdmin-$VERSION.tar.gz

otherwise, i had a message on my FC3 who says i cannot delete this folder.

Ah, thanks for pointing that out. Fixed in my post.

Phi1.

 

[RenDprogrammeur]

How does i have to save this code in .bat or something or .sh and how must i open it ?


Can i use the code on Redhat Enterprise 3.0 ?

 

[ju5t]

How does i have to save this code in .bat or something or .sh and how must i open it ?


Can i use the code on Redhat Enterprise 3.0 ?

nano updatephpmyadmin

paste the code from l0rdphi1 in there

chmod +x updatephpmyadmin
./updatephpmyadmin

It will probably work yes. Confirmed on CentOS 4.1 and Fedora 2 here.