pool/phpMyAdmin
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 246859 from home:computersalat:devel:php

Browse Source 
fix for bnc#894107, fix changes file

OBS-URL: https://build.opensuse.org/request/show/246859
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=135
This commit is contained in:
Christian Wittmer 2014-08-29 15:28:44 +00:00 committed by Git OBS Bridge
parent 228ac4ac98
commit 20f8ea918e
2 changed files with 24 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
phpMyAdmin.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Fri Aug 29 14:58:31 UTC 2014 - chris@computersalat.de
- fix for bnc#894107
* fix post/postun for systemd
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Aug 19 21:46:14 UTC 2014 - chris@computersalat.de Tue Aug 19 21:46:14 UTC 2014 - chris@computersalat.de
@ -9,14 +15,14 @@ Mon Aug 18 18:13:29 UTC 2014 - andreas.stieger@gmx.de
- fix for bnc#892401 - fix for bnc#892401
* update to 4.2.7.1 * update to 4.2.7.1
* PMASA-2014-8 ( CVE-2014-5273, CWE-661 CWE-79) * PMASA-2014-8 (CVE-2014-5273, CWE-661 CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php
- sf#4501 [security] XSS in table browse page - sf#4501 [security] XSS in table browse page
- sf#4502 [security] Self-XSS in enum value editor - sf#4502 [security] Self-XSS in enum value editor
- sf#4503 [security] Self-XSSes in monitor - sf#4503 [security] Self-XSSes in monitor
- sf#4504 [security] Self-XSS in query charts - sf#4504 [security] Self-XSS in query charts
- sf#4517 [security] XSS in relation view - sf#4517 [security] XSS in relation view
* PMASA-2014-9 ( CVE-2014-5274, CWE-661 CWE-79) * PMASA-2014-9 (CVE-2014-5274, CWE-661 CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
- sf#4505 [security] XSS in view operations page - sf#4505 [security] XSS in view operations page
@ -51,18 +57,18 @@ Fri Jul 18 17:24:08 UTC 2014 - ecsos@schirra.net
creation creation
- sf#4459 First few characters of database name aren't - sf#4459 First few characters of database name aren't
clickable when expanded clickable when expanded
- fix for PMASA-2014-4 ( CVE-2014-4954, CWE-661, CWE-79 ) - fix for PMASA-2014-4 (CVE-2014-4954, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php
* sf#4486 [security] XSS injection due to unescaped table * sf#4486 [security] XSS injection due to unescaped table
comment comment
- fix for PMASA-2014-5 ( CVE-2014-4955, CWE-661, CWE-79 ) - fix for PMASA-2014-5 (CVE-2014-4955, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php
* sf#4488 [security] XSS injection due to unescaped table name * sf#4488 [security] XSS injection due to unescaped table name
(triggers) (triggers)
- fix for PMASA-2014-6 ( CVE-2014-4986, CWE-661, CWE-79 ) - fix for PMASA-2014-6 (CVE-2014-4986, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php
* sf#4492 [security] XSS in AJAX confirmation messages * sf#4492 [security] XSS in AJAX confirmation messages
- fix for PMASA-2014-7 ( CVE-2014-4987, CWE-661 ) - fix for PMASA-2014-7 (CVE-2014-4987, CWE-661)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php
* sf#4491 [security] Missing validation for accessing User * sf#4491 [security] Missing validation for accessing User
groups feature groups feature

12
phpMyAdmin.spec
View File

@ -31,6 +31,10 @@ Name: phpMyAdmin
%define ap_grp nogroup %define ap_grp nogroup
%endif %endif
%if 0%{?suse_version} >= 1210
%define has_systemd 1
%endif
Summary: Administration of MySQL over the web Summary: Administration of MySQL over the web
License: GPL-2.0+ License: GPL-2.0+
Group: Productivity/Networking/Web/Frontends Group: Productivity/Networking/Web/Frontends
@ -151,10 +155,18 @@ popd
# set PmaAbsoluteUri ### generate blowfish secret # set PmaAbsoluteUri ### generate blowfish secret
%{__sed} -i -e "s,@FQDN@,$(cat /etc/HOSTNAME)," \ %{__sed} -i -e "s,@FQDN@,$(cat /etc/HOSTNAME)," \
-e "s/\\\$cfg\['blowfish_secret'\] = ''/\$cfg['blowfish_secret'] = '`pwgen -s -1 46`'/" %{pma_config} -e "s/\\\$cfg\['blowfish_secret'\] = ''/\$cfg['blowfish_secret'] = '`pwgen -s -1 46`'/" %{pma_config}
%if 0%{?has_systemd}
%service_add_post apache2.service
%else
%restart_on_update apache2 %restart_on_update apache2
%endif
%postun %postun
%if 0%{?has_systemd}
%service_del_postun apache2.service
%else
%restart_on_update apache2 %restart_on_update apache2
%endif
%clean %clean
%{__rm} -rf $RPM_BUILD_ROOT %{__rm} -rf $RPM_BUILD_ROOT