From 20f8ea918e8734b9870a42a1642f5ecc3bccd82f53d72509397831af2c675307 Mon Sep 17 00:00:00 2001 From: Christian Wittmer Date: Fri, 29 Aug 2014 15:28:44 +0000 Subject: [PATCH 1/2] Accepting request 246859 from home:computersalat:devel:php fix for bnc#894107, fix changes file OBS-URL: https://build.opensuse.org/request/show/246859 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=135 --- phpMyAdmin.changes | 18 ++++++++++++------ phpMyAdmin.spec | 12 ++++++++++++ 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/phpMyAdmin.changes b/phpMyAdmin.changes index ca76c40..261e111 100644 --- a/phpMyAdmin.changes +++ b/phpMyAdmin.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Aug 29 14:58:31 UTC 2014 - chris@computersalat.de + +- fix for bnc#894107 + * fix post/postun for systemd + ------------------------------------------------------------------- Tue Aug 19 21:46:14 UTC 2014 - chris@computersalat.de @@ -9,14 +15,14 @@ Mon Aug 18 18:13:29 UTC 2014 - andreas.stieger@gmx.de - fix for bnc#892401 * update to 4.2.7.1 - * PMASA-2014-8 ( CVE-2014-5273, CWE-661 CWE-79) + * PMASA-2014-8 (CVE-2014-5273, CWE-661 CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php - sf#4501 [security] XSS in table browse page - sf#4502 [security] Self-XSS in enum value editor - sf#4503 [security] Self-XSSes in monitor - sf#4504 [security] Self-XSS in query charts - sf#4517 [security] XSS in relation view - * PMASA-2014-9 ( CVE-2014-5274, CWE-661 CWE-79) + * PMASA-2014-9 (CVE-2014-5274, CWE-661 CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php - sf#4505 [security] XSS in view operations page @@ -51,18 +57,18 @@ Fri Jul 18 17:24:08 UTC 2014 - ecsos@schirra.net creation - sf#4459 First few characters of database name aren't clickable when expanded - - fix for PMASA-2014-4 ( CVE-2014-4954, CWE-661, CWE-79 ) + - fix for PMASA-2014-4 (CVE-2014-4954, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php * sf#4486 [security] XSS injection due to unescaped table comment - - fix for PMASA-2014-5 ( CVE-2014-4955, CWE-661, CWE-79 ) + - fix for PMASA-2014-5 (CVE-2014-4955, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php * sf#4488 [security] XSS injection due to unescaped table name (triggers) - - fix for PMASA-2014-6 ( CVE-2014-4986, CWE-661, CWE-79 ) + - fix for PMASA-2014-6 (CVE-2014-4986, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php * sf#4492 [security] XSS in AJAX confirmation messages - - fix for PMASA-2014-7 ( CVE-2014-4987, CWE-661 ) + - fix for PMASA-2014-7 (CVE-2014-4987, CWE-661) http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php * sf#4491 [security] Missing validation for accessing User groups feature diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec index dfc5499..2b65cd9 100644 --- a/phpMyAdmin.spec +++ b/phpMyAdmin.spec @@ -31,6 +31,10 @@ Name: phpMyAdmin %define ap_grp nogroup %endif +%if 0%{?suse_version} >= 1210 +%define has_systemd 1 +%endif + Summary: Administration of MySQL over the web License: GPL-2.0+ Group: Productivity/Networking/Web/Frontends @@ -151,10 +155,18 @@ popd # set PmaAbsoluteUri ### generate blowfish secret %{__sed} -i -e "s,@FQDN@,$(cat /etc/HOSTNAME)," \ -e "s/\\\$cfg\['blowfish_secret'\] = ''/\$cfg['blowfish_secret'] = '`pwgen -s -1 46`'/" %{pma_config} +%if 0%{?has_systemd} +%service_add_post apache2.service +%else %restart_on_update apache2 +%endif %postun +%if 0%{?has_systemd} +%service_del_postun apache2.service +%else %restart_on_update apache2 +%endif %clean %{__rm} -rf $RPM_BUILD_ROOT From 82d28385ec476a65d1e4a7fc2ddef1343b6580ca9c539acff6469eed72f74ab9 Mon Sep 17 00:00:00 2001 From: Eric Schirra Date: Sun, 31 Aug 2014 22:11:35 +0000 Subject: [PATCH 2/2] Accepting request 247011 from home:ecsos update to 4.2.8 OBS-URL: https://build.opensuse.org/request/show/247011 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=136 --- phpMyAdmin-4.2.7.1-all-languages.tar.bz2 | 3 --- phpMyAdmin-4.2.8-all-languages.tar.bz2 | 3 +++ phpMyAdmin.changes | 21 +++++++++++++++++++++ phpMyAdmin.spec | 2 +- 4 files changed, 25 insertions(+), 4 deletions(-) delete mode 100644 phpMyAdmin-4.2.7.1-all-languages.tar.bz2 create mode 100644 phpMyAdmin-4.2.8-all-languages.tar.bz2 diff --git a/phpMyAdmin-4.2.7.1-all-languages.tar.bz2 b/phpMyAdmin-4.2.7.1-all-languages.tar.bz2 deleted file mode 100644 index 4925382..0000000 --- a/phpMyAdmin-4.2.7.1-all-languages.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4079ac9e5e51153682bba24a89d615043ae10d4d527d4dce73f18d5721d38c51 -size 6707181 diff --git a/phpMyAdmin-4.2.8-all-languages.tar.bz2 b/phpMyAdmin-4.2.8-all-languages.tar.bz2 new file mode 100644 index 0000000..a08c788 --- /dev/null +++ b/phpMyAdmin-4.2.8-all-languages.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f2cf7ae0d4cc2e38f5bac6dbcb281e56e9738a669f7952e0c79fb09309f9f349 +size 6748400 diff --git a/phpMyAdmin.changes b/phpMyAdmin.changes index 261e111..d09c708 100644 --- a/phpMyAdmin.changes +++ b/phpMyAdmin.changes @@ -1,3 +1,24 @@ +------------------------------------------------------------------- +Sun Aug 31 21:52:38 UTC 2014 - ecsos@schirra.net + +- update to 4.2.8 (2014-08-31) + - sf#4516 Odd export behavior + - sf#4519 Uncaught TypeError: Cannot read property 'success' + of null + - sf#4520 sql.js: cannot read property + - sf#4521 Initially allowed chart types do not match selected + data + - sf#4518 Export to SQL: CREATE TABLE option AUTO_INCREMENT + ignored + - sf#4522 Duplicate column names while assigning index + - sf#4487 Export of partitioned table does not import + - fix bug server_privileges.js: cannot read property + - sf#4527 Importing ODS files with column names having trailing + spaces fails + - sf#4413 Navigation Error in Nav Tree for Search Results Past + the First Page + - fix bug functions.js: Cannot read property 'replace' of undefined + ------------------------------------------------------------------- Fri Aug 29 14:58:31 UTC 2014 - chris@computersalat.de diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec index 2b65cd9..2ae2ac2 100644 --- a/phpMyAdmin.spec +++ b/phpMyAdmin.spec @@ -38,7 +38,7 @@ Name: phpMyAdmin Summary: Administration of MySQL over the web License: GPL-2.0+ Group: Productivity/Networking/Web/Frontends -Version: 4.2.7.1 +Version: 4.2.8 Release: 0 Url: http://www.phpMyAdmin.net Source0: http://sourceforge.net/projects/phpmyadmin/files/%{name}-%{version}-all-languages.tar.bz2