From bc02fff1c519d1ff2d8d5d55e6de56ed463691d56d19eab25ab5f56eacf904d1 Mon Sep 17 00:00:00 2001 From: Eric Schirra Date: Mon, 23 Mar 2020 07:52:31 +0000 Subject: [PATCH] Accepting request 787358 from home:ecsos:server - Update to 4.9.5 This is a security release containing several bug fixes. * PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password * PMASA-2020-3 SQL injection vulnerability relating to the search feature * PMASA-2020-4 SQL injection and XSS having to do with displaying results * Removing of the "options" field for the external transformation. OBS-URL: https://build.opensuse.org/request/show/787358 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=347 --- phpMyAdmin-4.9.4-all-languages.tar.xz | 3 --- phpMyAdmin-4.9.4-all-languages.tar.xz.asc | 16 ---------------- phpMyAdmin-4.9.5-all-languages.tar.xz | 3 +++ phpMyAdmin-4.9.5-all-languages.tar.xz.asc | 16 ++++++++++++++++ phpMyAdmin.changes | 14 ++++++++++++++ phpMyAdmin.spec | 2 +- 6 files changed, 34 insertions(+), 20 deletions(-) delete mode 100644 phpMyAdmin-4.9.4-all-languages.tar.xz delete mode 100644 phpMyAdmin-4.9.4-all-languages.tar.xz.asc create mode 100644 phpMyAdmin-4.9.5-all-languages.tar.xz create mode 100644 phpMyAdmin-4.9.5-all-languages.tar.xz.asc diff --git a/phpMyAdmin-4.9.4-all-languages.tar.xz b/phpMyAdmin-4.9.4-all-languages.tar.xz deleted file mode 100644 index f866c7b..0000000 --- a/phpMyAdmin-4.9.4-all-languages.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c3d2eb2a0a06c40f7df9ee3bfe8daaea326bdf2ebc35f83e7dfd05eb0247b6bf -size 6134852 diff --git a/phpMyAdmin-4.9.4-all-languages.tar.xz.asc b/phpMyAdmin-4.9.4-all-languages.tar.xz.asc deleted file mode 100644 index b702bbd..0000000 --- a/phpMyAdmin-4.9.4-all-languages.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAl4VN/QACgkQznUvF4JZ -vZLsihAAhJ65Cbv7d8jaCio2DlvUXBGrm1sEsOOC8utS4Kz4Ui6VWY98/Ra2Lz7n -tY/XOaSSDBzVRvLygwO55zK6nd/LiDn6HOfogiq1yTmqcy4ctTkSqFgGuv3pgx7G -PGadjasiQJgrczxpQHWToYgxbJPaggyhg3WsDoCasAkh06NSZobqKUSu4Gk4wTCO -9UlECby0tBdjgphu7Ot/yD5Ck/YsPCfbM2yzUiRUt2cYqOnqv5HcAyZPzHzpHdik -bhjhYJzH1jqWdsl/0lJJZRMt6yFJIH/KfiN/Zu+eCmNsa3s7wWSqXq8eAvi7ipW6 -/svH+/68Gj26jKdlfzocfoDpUlzdSVpeEEU2INff+7/iU6IUp0uBZXJKX7xOvMa5 -RYXsY3CMDhGqv5FsGhuDLKWQOffkxC9M++bpg8JVvr0vJceQ4caMJ82zftGA/tO0 -pJjBob4zb9QZEqKMAytcLROaCC3KrqsN1kIXEu/koQaETqxbIGxxH9rCFLpNo+yT -rPKp8uZJ6dCoarQ5srFYpkhXCVKgrO2Fuz3lyOuoPK+mAtvDWXJznsPK/41xYDWQ -nMGupQyt1Ytct2nnBZIeQFK4NxM8qVAFpQ7ZPkqtRP//0p0qTiY5OP87YKsC2yTv -EEx4CDB09kV/xMf5wIkaf1xHAPTps7YZrSUyC+HnmayixjwUb3k= -=7XQt ------END PGP SIGNATURE----- diff --git a/phpMyAdmin-4.9.5-all-languages.tar.xz b/phpMyAdmin-4.9.5-all-languages.tar.xz new file mode 100644 index 0000000..815ec27 --- /dev/null +++ b/phpMyAdmin-4.9.5-all-languages.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e02823e7844bc17aa6393e1acfed6970f5a3688fe8d0c693e74670d8fed9ecd4 +size 6138948 diff --git a/phpMyAdmin-4.9.5-all-languages.tar.xz.asc b/phpMyAdmin-4.9.5-all-languages.tar.xz.asc new file mode 100644 index 0000000..dd225dd --- /dev/null +++ b/phpMyAdmin-4.9.5-all-languages.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAl51k6cACgkQznUvF4JZ +vZLUtQ/+NWk7yiYvoWYiIQIMG4ZpVKDdVuoEyki+HNtckScoeQwki9acchMMJfiy +DSkYalVMYtufu17mLIaL3vDGzU9f01ucwosgcSHmsNBt/Vw3m/tsNPDq+dnFhwFw +Jmn6e91Uq+RQLzp+omCvsiWT8UveBDudP8a6iHiiOWG1pX1i/p7kbWG+f0p53yiQ +NF6qfTXpIiaTdURyxl1Bug2IKv/IpR2RCOs3fqGwiYonbS03pbuGCb8A/Kyjsktl +kde9QZcTvcOzma7neTXVnmY3wobYK6q7tEIaMEzLAdAhmlV0HjTmLmHjDJHPgVI2 +NoEnDRDXNNmmDsvs3ZiXko70sDf86JAc4JSzUYCqUR2T+lpY1dej3vSZ2uzXcSXZ +RROAWTIw5zP2bktQOPTzbbjKn8hX3z9N+GYS7NvU4r1Kd+G4psCO3pdJSijwr0Ds +hRdUPD9B29WZ+PHZX3Zsl3lLzWQWKgwxyI2u8M8/L6dehhbvo/jnmKg8YuvVDnO+ +DJBgBxmg8bPfAhANeDZGfnnDc8WDov9/jnRnom05FDxuQEY00xB69iKXJ0mlMrC+ +7einymn6VlPJV2nLHt1uZp3ZU3oC6Lm1sdjaJcqzZlT86I97lwefZg43nsSe9Uui +jDo/UqcB0CPicYSPRdIx3RpJfETAJ5RdDZQByieBALPENuchmto= +=Lvjt +-----END PGP SIGNATURE----- diff --git a/phpMyAdmin.changes b/phpMyAdmin.changes index db82450..3a58f0f 100644 --- a/phpMyAdmin.changes +++ b/phpMyAdmin.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Mon Mar 23 06:40:08 UTC 2020 - ecsos@opensuse.org + +- Update to 4.9.5 + This is a security release containing several bug fixes. + * PMASA-2020-2 SQL injection vulnerability in the user accounts + page, particularly when changing a password + * PMASA-2020-3 SQL injection vulnerability relating to the search + feature + * PMASA-2020-4 SQL injection and XSS having to do with displaying + results + * Removing of the "options" field for the external + transformation. + ------------------------------------------------------------------- Tue Jan 21 21:24:30 UTC 2020 - chris@computersalat.de diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec index f3ef1ae..e3c6d36 100644 --- a/phpMyAdmin.spec +++ b/phpMyAdmin.spec @@ -30,7 +30,7 @@ %define ap_grp nogroup %endif Name: phpMyAdmin -Version: 4.9.4 +Version: 4.9.5 Release: 0 Summary: Administration of MySQL over the web License: GPL-2.0-or-later