-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3002-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 13, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : adminer Version : 4.2.5-3+deb9u3 CVE ID : CVE-2021-43008 It was discovered that there was an issue in the web-based database tool Adminer whereby an attacker could have performed an Arbitrary File Read on the remote server by requesting Adminer connect to a crafted remote MySQL database. For Debian 9 "Stretch", this problem has been fixed in version 4.2.5-3+deb9u3. We recommend that you upgrade your adminer packages. For the detailed security status of adminer please refer to its security tracker page at: https://security-tracker.debian.org/tracker/adminer Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmJ+j5YACgkQHpU+J9Qx Hlh6og//YlkuWzF4vnjl98j+9EyKaDxNYK2ASgpUSM4IrV1TW4LQqv9R+WNiZUIg x9FRhXTgEBh3ANZeGQqLDKlszNRZhS5sBwVxjuI2lU1b4j6guI/mRti5sAXf5Bbb I7YnlOdtfVu3Ap9ZzNvagQiRJNPgbNjOz3xAGsbSl6kvHCI2mqDb1hZzHbrOpEtf Cn0LSah7St6V4LTqbaOiHw+WR6C5gf7Hu3hntxLozaXBYshLWgmUgLWblfNonNst a39AbWgCtoK+aPJQd4VbRo2rwpNllEiR+6zR8IFnIpFN0mpOmnpdf2gq5fyhxmW0 rksWoH9on2+Mx6wRfKpAI1kOG17t7z2iTrBhjEjEnTiI3TIeb7fdnFoHTcKH5FYU JavRjp7DNRPfk44zwUA99J0ysyLuAIrH6VMQI7IbSVnC24YBKBxaDCKr5Xl1txGL B50EcAt3dKIUVNRfmfZiPQCoNTIYXCB5ionkGc9AReebKc/pFJJpDC3/Kw9usGin JYV4pXIY9CFzKMrVEH13dDTcKcSPo1ZS+DSTP/0Z/xVgMEtbd0MJWFzdHY6Y3OdN NVrbRRQ1j3QjoyoBQW1cSuIF84QWkMC5eRETNuJCHYXkFlaQIZbjXU4avS2MB5Qh NRJ4A01zIo3PsLQK3dAWTFSpNiIf8BZ2pGYz4A20MC70RoqskUQ= =I96e -----END PGP SIGNATURE-----
