From 25a7984d9202b8ea186ad959d684e4bd61008e169eca6f2f436cc1aa6e73fd5d Mon Sep 17 00:00:00 2001 From: Eric Schirra Date: Fri, 23 Feb 2018 11:09:43 +0000 Subject: [PATCH] Accepting request 579192 from home:AndreasStieger:branches:server:php:applications phpMyAdmin 4.7.8 CVE-2018-726 (boo#1082188) OBS-URL: https://build.opensuse.org/request/show/579192 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=307 --- phpMyAdmin-4.7.7-all-languages.tar.xz | 3 --- phpMyAdmin-4.7.7-all-languages.tar.xz.asc | 16 ---------------- phpMyAdmin-4.7.8-all-languages.tar.xz | 3 +++ phpMyAdmin-4.7.8-all-languages.tar.xz.asc | 16 ++++++++++++++++ phpMyAdmin.changes | 10 ++++++++++ phpMyAdmin.spec | 5 +---- 6 files changed, 30 insertions(+), 23 deletions(-) delete mode 100644 phpMyAdmin-4.7.7-all-languages.tar.xz delete mode 100644 phpMyAdmin-4.7.7-all-languages.tar.xz.asc create mode 100644 phpMyAdmin-4.7.8-all-languages.tar.xz create mode 100644 phpMyAdmin-4.7.8-all-languages.tar.xz.asc diff --git a/phpMyAdmin-4.7.7-all-languages.tar.xz b/phpMyAdmin-4.7.7-all-languages.tar.xz deleted file mode 100644 index a8f27c9..0000000 --- a/phpMyAdmin-4.7.7-all-languages.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2a748e92e7bf8d4d008a524f8101f011ff63de2fd20339d025f2be4900f75deb -size 6411768 diff --git a/phpMyAdmin-4.7.7-all-languages.tar.xz.asc b/phpMyAdmin-4.7.7-all-languages.tar.xz.asc deleted file mode 100644 index 3969535..0000000 --- a/phpMyAdmin-4.7.7-all-languages.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAlo+YAEACgkQznUvF4JZ -vZLZ6hAAobTdzr/kjZDjfwnczglv+4dUAp4JLka0rlHjAdRblSx9D6s4RW1RllXH -4NtvOuuf/LoamXzfzy/E5zkJ31umPJM1jPusiZjPenRcVGM0lpeXSVTBBcI85bhT -jp+mKQvscK/rwhQrQLXGjzg2+nvjR0kSww8XM9pgMc9SjT8kaksJl6V2kkpoBVf0 -oRY/cw9pboPYxjn9tc/yHdAPQ/TssyRJD4myiodVVg7CF1D3bdzn6F76RMCbaOjC -wC3PA9JQDS6KImevWTi4GpPnM8yG/K4r290bLl6kPy1M+sPYweJbtA+PT2/Z/4h0 -XMSLD0BDvwq2s9PJBxv5es7qUhTZTwyehsWybqN2qau6yCvi2Ca1JXPHq8lzWVHg -0+eGcNCa0DfyJagrfmEFtNi2vu0gxZL8e7XlrBF9m68U9shgauLUD6Y9vl4e/Tzj -/scwn0/L0uYpQZxSLoOZWZrAkJnFrSTQZVvxs/0vsOe3M2hd/7nmS3sPT+xguRO+ -+8uKNCF9RFDceF/s77KDXfmalMSmlxMzgReXkjsrzMexoma8pfkIuEscCGW+AJyV -6asgSRNiMpnAxVfQqb7Hs0R3/Ypt+mhIx6RC45q3e7h0ZOAWQhCYz8QF4DSRJa9r -bWPCBWmioLlxeSUAGW1dURbFE/KYgOLoKvuAyb56AbRzs9amQk4= -=eo5P ------END PGP SIGNATURE----- diff --git a/phpMyAdmin-4.7.8-all-languages.tar.xz b/phpMyAdmin-4.7.8-all-languages.tar.xz new file mode 100644 index 0000000..94aa6c5 --- /dev/null +++ b/phpMyAdmin-4.7.8-all-languages.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:828c687f1463561db9043eecaae8eee3b2e1895066bfecd240c6e25abf283701 +size 6218056 diff --git a/phpMyAdmin-4.7.8-all-languages.tar.xz.asc b/phpMyAdmin-4.7.8-all-languages.tar.xz.asc new file mode 100644 index 0000000..5677dc9 --- /dev/null +++ b/phpMyAdmin-4.7.8-all-languages.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAlqMJbEACgkQznUvF4JZ +vZJWUQ/+KGFcLxjsLOae4hQiuTwKSwSpWooPbP7ZCQl/EMHPmGJ0l25M4epwSsgq +lDsuRPhztrcccpLah/X12JUH7itvseqdz0r7QUe/DgfQeeoH6eaURhOMoLyJ3alp ++iB0w5XSkSS15wio5dJCowuDq6NhQ+y2h+Hfj6XV7YP7D2tktXA0sq42kK1QSRUw +0LJ0AWf5VcsYRZBbsKyuMhjKI2JlagQL0fZzY8URipVQaaSZZhztCSiaWZpS/gsy +IRka57aLfjLRNOIcz+M2IPDA3EFVciBlGIDDeBDDavjBMXrQzLAMLFlxhIPVQ9PB +xCsICyyYC0T8oR0q5voTRdT9WmVw5S/9fyOIEJbduzYiNLMT3dZIocFKeL/CQ6wv +fL6koQPeYbuO+8l527pLSwJPZm4+/rEqb7esiCLDMKV13ZXyitj98NmBgSD3fzp4 +P8hFfU9+7+7wzzndPQy/PjyZnvEnky6vOqdkg3x/kKUFEzUAgjuFpG2u8u2Gws+5 +x9PEUt1+aMs6HK3mbVQO8rIfe4rLM1hzNLJY0gfgJQOMlImt91osWOcmC5FfDm93 +JeSO0HuNvKPAickFeix2VtnpXkCim39PsVsvG9U67fetfjeZkOIo8hhseLIvrpW3 +ppafTwxdhA8xENteYKKmJlrZo5LELyGdvmhi4m1qG4uhNKJNTb0= +=/dH8 +-----END PGP SIGNATURE----- diff --git a/phpMyAdmin.changes b/phpMyAdmin.changes index 4be652b..5f15bd3 100644 --- a/phpMyAdmin.changes +++ b/phpMyAdmin.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Thu Feb 22 20:30:07 UTC 2018 - astieger@suse.com + +- phpMyAdmin 4.7.8: + * CVE-2018-7260: self-cross site scripting (XSS) vulnerability + in the central columns feature (boo#1082188) + * Fixed error handling with PHP 7.2 + * Fixed resetting default setting values + * Fixed fallback value for collation connection + ------------------------------------------------------------------- Mon Dec 25 19:14:32 UTC 2017 - astieger@suse.com diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec index 54e06cf..0358619 100644 --- a/phpMyAdmin.spec +++ b/phpMyAdmin.spec @@ -29,7 +29,7 @@ %define ap_grp nogroup %endif Name: phpMyAdmin -Version: 4.7.7 +Version: 4.7.8 Release: 0 Summary: Administration of MySQL over the web License: GPL-2.0+ @@ -120,9 +120,6 @@ perl -p -i -e 's|\r\n|\n|' examples/config.manyhosts.inc.php %patch0 %patch1 -# rpmlint: fix incorrect-fsf-address -find . -type f | xargs sed -i -e 's:59 Temple Place\, Suite 330\, Boston\, MA 02111-1307 USA:51 Franklin Street\, Fifth Floor\, Boston\, MA 02110-1301 USA:g' - find . -type d -exec chmod 755 {} \; find . -type f -exec chmod 644 {} \; rm -rf vendor/phpmyadmin/sql-parser/.github