Here's a collection of recent security vulnerabilities and alerts, which covers the release of PHP 5.2.5, multiple vulnerabilities discovered in phpMyAdmin, and various security updates released by SUSE.
- PHP 5.2.5 released
Version 5.2.5 of the PHP scripting language has been released. Other than offering numerous improvements, it closes a number of security holes. More than 60 flaws have been fixed.
As such, the PHP team recommend an urgent upgrade to this new version.
You can read the PHP 5.2.5 Release Announcement here.
- Multiple vulnerabilities discovered in phpMyAdmin
Users of phpMyAdmin might want to take note of multiple security vulnerabilities identified in versions of phpMyAdmin prior to 220.127.116.11.
Multiple vulnerabilities have been identified in phpMyAdmin, which could be exploited by malicious users to conduct cross site scripting and SQL injection attacks. These issues are caused by an input validation error in the "db_create.php" script when processing the "db" parameter, which could be exploited by authenticated attackers to inject and execute arbitrary SQL queries or scripting code.
Solution is to upgrade to phpMyAdmin 18.104.22.168.
- SUSE releases updates for koffice, poppler and xpdf
SUSE has issued various updates that resolves issues in koffice, poppler and xpdf. We have reported separately on a non SUSE-specific patch for xpdf a few days ago.
All three patches addressses vulnerabilities that can result in a remote system compromise. As such, users are encouraged to update as soon as possible.
Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.