From cbdc83f4f9dd4b5fb5bb8640c754f78de30d9a6fc90eb3ba325dbf4d52e86902 Mon Sep 17 00:00:00 2001 From: Eric Schirra Date: Sat, 21 Sep 2019 20:28:19 +0000 Subject: [PATCH] Accepting request 732397 from home:AndreasStieger:branches:server:php:applications phpMyAdmin 4.9.1 CVE-2019-12922 boo#1150914 OBS-URL: https://build.opensuse.org/request/show/732397 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=337 --- phpMyAdmin-4.9.0.1-all-languages.tar.xz | 3 --- phpMyAdmin-4.9.0.1-all-languages.tar.xz.asc | 16 ---------------- phpMyAdmin-4.9.1-all-languages.tar.xz | 3 +++ phpMyAdmin-4.9.1-all-languages.tar.xz.asc | 16 ++++++++++++++++ phpMyAdmin.changes | 19 +++++++++++++++++++ phpMyAdmin.spec | 2 +- 6 files changed, 39 insertions(+), 20 deletions(-) delete mode 100644 phpMyAdmin-4.9.0.1-all-languages.tar.xz delete mode 100644 phpMyAdmin-4.9.0.1-all-languages.tar.xz.asc create mode 100644 phpMyAdmin-4.9.1-all-languages.tar.xz create mode 100644 phpMyAdmin-4.9.1-all-languages.tar.xz.asc diff --git a/phpMyAdmin-4.9.0.1-all-languages.tar.xz b/phpMyAdmin-4.9.0.1-all-languages.tar.xz deleted file mode 100644 index 2c280b5..0000000 --- a/phpMyAdmin-4.9.0.1-all-languages.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e3de59f913c095433c8f6466f8826dfde09b097cfac78b665ddef9ddc03b0ed6 -size 6066680 diff --git a/phpMyAdmin-4.9.0.1-all-languages.tar.xz.asc b/phpMyAdmin-4.9.0.1-all-languages.tar.xz.asc deleted file mode 100644 index 623d71e..0000000 --- a/phpMyAdmin-4.9.0.1-all-languages.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAlz2l40ACgkQznUvF4JZ -vZLKBRAAtEnzcxLYrysyCdnShxpAPxBUrDQYQ2GA310ZbZu/ZzWO+BLmc8Simnv7 -hfVLSeKvS3Xy6N72++til7ujdofbx3uohwrthyL24L6s24BJAT+KOqhSRXzAJ/a2 -rWuEE0kDg6+H5PRRq41+DbQBxDfsAwjsR6eueSszApe+M50ek6udRuxFFIOBcBfi -zBPCAjIfpTIXXUygBJUrl4K/PPUYXR8wWoAC2SRBDY43B01yD4Y9hkqCBXNcSgNa -S1QsRNB6+7uTi4lSIoHHj1zLfAumAjsfFpznqaY0K+UHkSnM9qHKEUPmJUdauCwa -Y65vycPVVDj3gD9bGGsloAg24vuxSUqFQlUpDYTIkTFJaEKgRyB8fH6CpPYCn8iX -DYHYKREpTubS6hqUsikjflPr+ufDYh6nT7h3OM06TroHCf73amgS32u5N9u+ibEt -DBHR3X+h5gBP0s94OCYpjExtrxOakFH4cID4mX7VkafcpV4zwg8NeOwTYcp4lq5h -QtbhnAMVUtWKiN0DMOj+bF+DhbPYx9g2tO2J1E33qK4iqN+OwAdv9PV7cGst8Fat -GmhgQNb8x1m8qN1wiY60ZEjok9CXTrR4NR6dQEp5suQpmbV29ICkzwc8uD75NFLU -RVLgbiDctw0oC9aBym6tRsVDgfh4Pxq6M27G/Bj6PeaZ8JS4w2A= -=YN/f ------END PGP SIGNATURE----- diff --git a/phpMyAdmin-4.9.1-all-languages.tar.xz b/phpMyAdmin-4.9.1-all-languages.tar.xz new file mode 100644 index 0000000..2371982 --- /dev/null +++ b/phpMyAdmin-4.9.1-all-languages.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8f89dd62e3fdddabca187b092eeb5af4a4fb956189564c56038970519d0496c5 +size 6146368 diff --git a/phpMyAdmin-4.9.1-all-languages.tar.xz.asc b/phpMyAdmin-4.9.1-all-languages.tar.xz.asc new file mode 100644 index 0000000..b815703 --- /dev/null +++ b/phpMyAdmin-4.9.1-all-languages.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAl2Fn6QACgkQznUvF4JZ +vZLADxAAoHrbvD1CrcnYsaNe7uSVomiwrsM9VJx9JyrMsHPEPIabXfmrwDm3OKL4 +l8x/X+0ctn7KGBV3NxulkP73b5Ecq103bOYYHBO+oW5CSU9k6MbQO6I5BWeeILij +uAcICe/7kYt8VPH2vNcwlT1N1f9Jzn4X5KAyBYsa9y7QvfxRQ1dvsdTCil3s1jDC +rYjSvmfUGFzn4nnFtZ+CpSF6YemKnSzxIyruwsBEuZ/JVj54RvYv4tygJlzfjh3N +69h7qnFsWyrVGzgi1I6nVEWhzEOVoEB90AJ9CE3lVeJxE+1nLqAeaS1gAXZSNgHA +G/+rVvShIHtx88hIWc3n1pjwtUqS1l2vpzQRDcfYGUvL63QsabxkUcqsRgNiPhP7 +yqb4EO5+GZ+ohOgf0+C04GIvPh+NglfCod608LukUYbxqPLHBzAVBA8yMvF+DIJk +4hjOLDASuGjM5TXJ2ynaE/1mdoiGHckx15IzbKyAisNroAjdh7lhokbD8UeYatV+ +FDd2rbHJRplL+s2tbygpCtY1/skyMnUTezZDIAal2xH+B4MmrjePfa/Lf95uvXDa +IKS86Lwt+ydfm3CQA7hva5f3h1bD6syZHjsjvVT9XBuTdXAuUy9NZ6K/Pu1tu9Pf +tFsZf7fVuWv5QwH9ZN60IKBMqYfxU3YZJNwWwQPjRnzBh3335b4= +=DFfh +-----END PGP SIGNATURE----- diff --git a/phpMyAdmin.changes b/phpMyAdmin.changes index 75182e5..c70af1e 100644 --- a/phpMyAdmin.changes +++ b/phpMyAdmin.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Sat Sep 21 19:16:35 UTC 2019 - Andreas Stieger + +- phpMyAdmin 4.9.1: + * CVE-2019-12922: hardening against CSRF (boo#1150914) + * Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 + and newer + * Compatibility issues with PHP 8 + * Export of GIS visualization + * Enhanced descriptions for several collation types + * Creating a user with a single quote in the password string + * Unexpected quotes during import and export on text fields + * Improvements to adding new tables to Designer + * Fix an issue where an authenticated user could trigger heavy + traffic between the database server and web server + * Fix a weakness where an attacker, under certain conditions, + working at the same time as an administrator is using the setup + script, could delete a server from the setup script + ------------------------------------------------------------------- Sun Jun 30 13:05:23 UTC 2019 - chris@computersalat.de diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec index b95f4db..002ddc5 100644 --- a/phpMyAdmin.spec +++ b/phpMyAdmin.spec @@ -29,7 +29,7 @@ %define ap_grp nogroup %endif Name: phpMyAdmin -Version: 4.9.0.1 +Version: 4.9.1 Release: 0 Summary: Administration of MySQL over the web License: GPL-2.0-or-later