Accepting request 732397 from home:AndreasStieger:branches:server:php:applications

phpMyAdmin 4.9.1 CVE-2019-12922 boo#1150914

OBS-URL: https://build.opensuse.org/request/show/732397
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=337
This commit is contained in:
Eric Schirra 2019-09-21 20:28:19 +00:00 committed by Git OBS Bridge
parent 60d7c81750
commit cbdc83f4f9
6 changed files with 39 additions and 20 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:e3de59f913c095433c8f6466f8826dfde09b097cfac78b665ddef9ddc03b0ed6
size 6066680

View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAlz2l40ACgkQznUvF4JZ
vZLKBRAAtEnzcxLYrysyCdnShxpAPxBUrDQYQ2GA310ZbZu/ZzWO+BLmc8Simnv7
hfVLSeKvS3Xy6N72++til7ujdofbx3uohwrthyL24L6s24BJAT+KOqhSRXzAJ/a2
rWuEE0kDg6+H5PRRq41+DbQBxDfsAwjsR6eueSszApe+M50ek6udRuxFFIOBcBfi
zBPCAjIfpTIXXUygBJUrl4K/PPUYXR8wWoAC2SRBDY43B01yD4Y9hkqCBXNcSgNa
S1QsRNB6+7uTi4lSIoHHj1zLfAumAjsfFpznqaY0K+UHkSnM9qHKEUPmJUdauCwa
Y65vycPVVDj3gD9bGGsloAg24vuxSUqFQlUpDYTIkTFJaEKgRyB8fH6CpPYCn8iX
DYHYKREpTubS6hqUsikjflPr+ufDYh6nT7h3OM06TroHCf73amgS32u5N9u+ibEt
DBHR3X+h5gBP0s94OCYpjExtrxOakFH4cID4mX7VkafcpV4zwg8NeOwTYcp4lq5h
QtbhnAMVUtWKiN0DMOj+bF+DhbPYx9g2tO2J1E33qK4iqN+OwAdv9PV7cGst8Fat
GmhgQNb8x1m8qN1wiY60ZEjok9CXTrR4NR6dQEp5suQpmbV29ICkzwc8uD75NFLU
RVLgbiDctw0oC9aBym6tRsVDgfh4Pxq6M27G/Bj6PeaZ8JS4w2A=
=YN/f
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8f89dd62e3fdddabca187b092eeb5af4a4fb956189564c56038970519d0496c5
size 6146368

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAl2Fn6QACgkQznUvF4JZ
vZLADxAAoHrbvD1CrcnYsaNe7uSVomiwrsM9VJx9JyrMsHPEPIabXfmrwDm3OKL4
l8x/X+0ctn7KGBV3NxulkP73b5Ecq103bOYYHBO+oW5CSU9k6MbQO6I5BWeeILij
uAcICe/7kYt8VPH2vNcwlT1N1f9Jzn4X5KAyBYsa9y7QvfxRQ1dvsdTCil3s1jDC
rYjSvmfUGFzn4nnFtZ+CpSF6YemKnSzxIyruwsBEuZ/JVj54RvYv4tygJlzfjh3N
69h7qnFsWyrVGzgi1I6nVEWhzEOVoEB90AJ9CE3lVeJxE+1nLqAeaS1gAXZSNgHA
G/+rVvShIHtx88hIWc3n1pjwtUqS1l2vpzQRDcfYGUvL63QsabxkUcqsRgNiPhP7
yqb4EO5+GZ+ohOgf0+C04GIvPh+NglfCod608LukUYbxqPLHBzAVBA8yMvF+DIJk
4hjOLDASuGjM5TXJ2ynaE/1mdoiGHckx15IzbKyAisNroAjdh7lhokbD8UeYatV+
FDd2rbHJRplL+s2tbygpCtY1/skyMnUTezZDIAal2xH+B4MmrjePfa/Lf95uvXDa
IKS86Lwt+ydfm3CQA7hva5f3h1bD6syZHjsjvVT9XBuTdXAuUy9NZ6K/Pu1tu9Pf
tFsZf7fVuWv5QwH9ZN60IKBMqYfxU3YZJNwWwQPjRnzBh3335b4=
=DFfh
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Sat Sep 21 19:16:35 UTC 2019 - Andreas Stieger <andreas.stieger@gmx.de>
- phpMyAdmin 4.9.1:
* CVE-2019-12922: hardening against CSRF (boo#1150914)
* Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13
and newer
* Compatibility issues with PHP 8
* Export of GIS visualization
* Enhanced descriptions for several collation types
* Creating a user with a single quote in the password string
* Unexpected quotes during import and export on text fields
* Improvements to adding new tables to Designer
* Fix an issue where an authenticated user could trigger heavy
traffic between the database server and web server
* Fix a weakness where an attacker, under certain conditions,
working at the same time as an administrator is using the setup
script, could delete a server from the setup script
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Jun 30 13:05:23 UTC 2019 - chris@computersalat.de Sun Jun 30 13:05:23 UTC 2019 - chris@computersalat.de

View File

@ -29,7 +29,7 @@
%define ap_grp nogroup %define ap_grp nogroup
%endif %endif
Name: phpMyAdmin Name: phpMyAdmin
Version: 4.9.0.1 Version: 4.9.1
Release: 0 Release: 0
Summary: Administration of MySQL over the web Summary: Administration of MySQL over the web
License: GPL-2.0-or-later License: GPL-2.0-or-later