From 760e1a8581a468b08fab789c9d7be9e0bb9c4e6958d7a38d81388b2be1cc1509 Mon Sep 17 00:00:00 2001
From: Eric Schirra <ecsos@schirra.net>
Date: Sun, 24 Nov 2019 17:54:18 +0000
Subject: [PATCH] Accepting request 750415 from
 home:AndreasStieger:branches:server:php:applications

phpMyAdmin 4.9.2 CVE-2019-18622 boo#1157614

OBS-URL: https://build.opensuse.org/request/show/750415
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=339
---
 phpMyAdmin-4.9.1-all-languages.tar.xz     |  3 ---
 phpMyAdmin-4.9.1-all-languages.tar.xz.asc | 16 ----------------
 phpMyAdmin-4.9.2-all-languages.tar.xz     |  3 +++
 phpMyAdmin-4.9.2-all-languages.tar.xz.asc | 16 ++++++++++++++++
 phpMyAdmin.changes                        | 17 +++++++++++++++++
 phpMyAdmin.spec                           |  2 +-
 6 files changed, 37 insertions(+), 20 deletions(-)
 delete mode 100644 phpMyAdmin-4.9.1-all-languages.tar.xz
 delete mode 100644 phpMyAdmin-4.9.1-all-languages.tar.xz.asc
 create mode 100644 phpMyAdmin-4.9.2-all-languages.tar.xz
 create mode 100644 phpMyAdmin-4.9.2-all-languages.tar.xz.asc

diff --git a/phpMyAdmin-4.9.1-all-languages.tar.xz b/phpMyAdmin-4.9.1-all-languages.tar.xz
deleted file mode 100644
index 2371982..0000000
--- a/phpMyAdmin-4.9.1-all-languages.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8f89dd62e3fdddabca187b092eeb5af4a4fb956189564c56038970519d0496c5
-size 6146368
diff --git a/phpMyAdmin-4.9.1-all-languages.tar.xz.asc b/phpMyAdmin-4.9.1-all-languages.tar.xz.asc
deleted file mode 100644
index b815703..0000000
--- a/phpMyAdmin-4.9.1-all-languages.tar.xz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAl2Fn6QACgkQznUvF4JZ
-vZLADxAAoHrbvD1CrcnYsaNe7uSVomiwrsM9VJx9JyrMsHPEPIabXfmrwDm3OKL4
-l8x/X+0ctn7KGBV3NxulkP73b5Ecq103bOYYHBO+oW5CSU9k6MbQO6I5BWeeILij
-uAcICe/7kYt8VPH2vNcwlT1N1f9Jzn4X5KAyBYsa9y7QvfxRQ1dvsdTCil3s1jDC
-rYjSvmfUGFzn4nnFtZ+CpSF6YemKnSzxIyruwsBEuZ/JVj54RvYv4tygJlzfjh3N
-69h7qnFsWyrVGzgi1I6nVEWhzEOVoEB90AJ9CE3lVeJxE+1nLqAeaS1gAXZSNgHA
-G/+rVvShIHtx88hIWc3n1pjwtUqS1l2vpzQRDcfYGUvL63QsabxkUcqsRgNiPhP7
-yqb4EO5+GZ+ohOgf0+C04GIvPh+NglfCod608LukUYbxqPLHBzAVBA8yMvF+DIJk
-4hjOLDASuGjM5TXJ2ynaE/1mdoiGHckx15IzbKyAisNroAjdh7lhokbD8UeYatV+
-FDd2rbHJRplL+s2tbygpCtY1/skyMnUTezZDIAal2xH+B4MmrjePfa/Lf95uvXDa
-IKS86Lwt+ydfm3CQA7hva5f3h1bD6syZHjsjvVT9XBuTdXAuUy9NZ6K/Pu1tu9Pf
-tFsZf7fVuWv5QwH9ZN60IKBMqYfxU3YZJNwWwQPjRnzBh3335b4=
-=DFfh
------END PGP SIGNATURE-----
diff --git a/phpMyAdmin-4.9.2-all-languages.tar.xz b/phpMyAdmin-4.9.2-all-languages.tar.xz
new file mode 100644
index 0000000..e6ec2a4
--- /dev/null
+++ b/phpMyAdmin-4.9.2-all-languages.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3bc3e37fefbdfcaf12fd59d6d7fdbf11ffcffe3e211155bf5b822b54a3c2043e
+size 6118472
diff --git a/phpMyAdmin-4.9.2-all-languages.tar.xz.asc b/phpMyAdmin-4.9.2-all-languages.tar.xz.asc
new file mode 100644
index 0000000..19a6210
--- /dev/null
+++ b/phpMyAdmin-4.9.2-all-languages.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAl3XlukACgkQznUvF4JZ
+vZJT7A//TJnMaRibEeVxqj23aW0aNJQNGkdrhhgEitgbSjEpb6D0chQefee9X9uV
+tenXnxgv2xBeRE4JlxysQiZNYykZBSxFj6l/7HhSpnpevRZ9Gx2u1Sf9hAUY8MLE
+//bv7k1uOzB87kHJ3xcq8WMVASxoMHUm0QzbT0EF+SpSObvjFoGAGN+c6Zoa+SNu
+GPQyUTYU/a8J3wBEKyErItxTfGtw3+v5pCT82IrOaGnnjnxSmV6M5vKEQC9CftTp
+89z40VhW9hOGDPJtK0UtITeVRDVGB5N/C/daZlT25+1P8FeGFHt4zCwsMCgYwuxw
+wqrLejOXRu+0ZySzIZBP5asY9XbAbMz145/7V/jTnXI792JHR/YmbSi/EETZN7d+
+m3KXDS7qRvHDz/cG0sXVfoscHvOHlvBNpklI42G6wIbLRe+wPOOJBQ41bRHbi2QY
+yqHGA+Q6FVCKNNls7hVFgWPNn20rMLdjKfHW5QN2F7WcwUucMAfOnx5bn2t9Cjfr
+MSbCIu6cpOmAmuRXx1AvSC4dM87O274T4CLeGdCTEEpyuXbiLmp09bUzK/I9Bj1G
+bJA9KUKxmMt75x6mQ8sDGG64GTOts560dk43oC86gRYt+R4Rz/7qFvJFh9XqpyVo
+dVOc1Os/OUwZ7cDio0rgXKMv5eAIeRjfx2yAqpc25umhChTT0XY=
+=rEsR
+-----END PGP SIGNATURE-----
diff --git a/phpMyAdmin.changes b/phpMyAdmin.changes
index c70af1e..281a1b3 100644
--- a/phpMyAdmin.changes
+++ b/phpMyAdmin.changes
@@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Sat Nov 23 09:42:06 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- phpMyAdmin 4.9.2:
+  * CVE-2019-18622: SQL injection in Designer feature (boo#1157614)
+  * Fixes for "Failed to set session cookie" error 
+  * Advisor with MySQL 8.0.3 and newer
+  * Fix PHP deprecation errors
+  * Fix a situation where exporting users after a delete query could
+    remove users
+  * Fix incorrect "You do not have privileges to manipulate with the
+    users!" warning
+  * Fix copying a database's privileges and several other problems
+    moving columns with MariaDB
+  * Fix for phpMyAdmin not selecting all the values when using
+    shift-click to select during Export
+
 -------------------------------------------------------------------
 Sat Sep 21 19:16:35 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de>
 
diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec
index 002ddc5..032934f 100644
--- a/phpMyAdmin.spec
+++ b/phpMyAdmin.spec
@@ -29,7 +29,7 @@
 %define ap_grp nogroup
 %endif
 Name:           phpMyAdmin
-Version:        4.9.1
+Version:        4.9.2
 Release:        0
 Summary:        Administration of MySQL over the web
 License:        GPL-2.0-or-later