Skip to content

Commit

Permalink
bug #4900 [security] Vulnerability allowing man-in-the-middle attack
Browse files Browse the repository at this point in the history 
Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com>
  • Loading branch information
@madhuracj
madhuracj committed May 13, 2015
1 parent c903ecf commit 0e18931
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 2 deletions.
1 change: 1 addition & 0 deletions ChangeLog
View file
Expand Up @@ -3,6 +3,7 @@ phpMyAdmin - ChangeLog

4.2.13.3 (Not yet released)
- bug #4899 [security] CSRF vulnerability in setup
- bug #4900 [security] Vulnerability allowing man-in-the-middle attack

4.2.13.2 (2015-03-04)
- bug [security] Risk of BREACH attack, see PMASA-2015-1
Expand Down
2 changes: 0 additions & 2 deletions libraries/Config.class.php
View file
Expand Up @@ -748,8 +748,6 @@ function checkHTTP($link, $get_body = false)
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_USERAGENT, 'phpMyAdmin/' . PMA_VERSION);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
Expand Down

0 comments on commit 0e18931

Please sign in to comment.