[TYPO3-caretaker] Extension phpmyadmin is not shown as insecure
larsen007 at web.de
larsen007 at web.de
Wed Jul 6 17:13:17 CEST 2011
Today, a security bulletin has been released for phpmyadmin:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
I have phpmyadmin 4.11.0 installed on a test domain, but the check for
"insecure extensions" doesn´t list this as vulnerable. Though, the check
"extension updates" correctly lists this as:
"Extension phpmyadmin is installed in Version 4.11.0. Latest is 4.11.2."
The extension list of the caretaker server is updated and when I go to
manually installing phpmyadmin, it shows the correct version 4.11.2. The
cronjob is set to run every minute (for testing purposes).
Output of the check:
Title: insecure_extensions
Path: Caretaker Root -> test -> sandbox.example.de -> insecure_extensions
NodeID: instance_2_test_2
Type: TER insecure extension test
Interval: 5 Minutes
Description:
Configuration:
Hidden: no
last Run: 07/06/11 16:56:52
State: Error
Value: 2
Message:
2 Errors and 0 Warnings
- Errors:
- Insecure Extension page_php_content is installed in version 1.0.1
- Insecure Extension slideshow is installed in version 0.2.2
It had another extension listed before and after I updated that extension
and forced a re-check, the output was correctly updated. Still, phpmyadmin
is missing from that list. What is the reason for that?
Lars
More information about the TYPO3-project-caretaker
mailing list