Accepting request 185995 from home:julianladisch:branches:server:php:applications

update to 4.0.5 (2013-08-04)

OBS-URL: https://build.opensuse.org/request/show/185995
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=70
This commit is contained in:
Christian Wittmer 2013-08-06 11:00:18 +00:00 committed by Git OBS Bridge
parent 67da26ad23
commit e72432a122
4 changed files with 41 additions and 10 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:aadbe787db33c6da6abfddfd8b16b4adbb2beb204558db88970347f3b8f699e9
size 5768927

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:09597049327057a67027f4101ec976eae57a1e20115dbf37ba3caf4348981128
size 6083117

View File

@ -1,15 +1,46 @@
-------------------------------------------------------------------
Mon Aug 5 21:51:23 UTC 2013 - obs@ladisch.de
- update to 4.0.5 (2013-08-04)
+ sf#3977 Not detected configuration storage
+ sf#3970 Pressing enter in the filter field reloads page
+ sf#3984 Cannot insert in this table (PHP < 5.4)
+ sf#3989 Reloading privileges does not update the interface
+ sf#3960 NavigationBarIconic config not honored
+ sf#3985 Call to undefined function mb_detect_encoding
+ sf#4007 Analyze option not shown for InnoDB tables
+ sf#4015 Forcing a storage engine for configuration storage
+ bug Incorrect Drizzle 7 detection
+ sf#4019 Create database if not exists (export): add an option to the
interface to enable generating CREATE DATABASE and USE (false by default)
+ sf#4012 Crash on CSV file import
+ sf#4009 Statistic Monitor shows only last 3 digits in graph
+ sf#3998 Non-permanent SQL history not working
+ sf#3578 Transformations for text/plain on a BLOB column
+ [security] Improved protection against cross framing, see PMASA-2013-10
(CVE-2013-5029 CWE-661 CWE-693)
+ Reinstated configuration directive: AllowThirdPartyFraming
-------------------------------------------------------------------
Mon Aug 5 21:32:45 UTC 2013 - obs@ladisch.de
- fix for bug sf#4038: PMASA-2013-8 not mentioned in 4.0.4.2 changes
- add CVEs to 4.0.4.2 changes
-------------------------------------------------------------------
Mon Jul 29 20:07:45 UTC 2013 - chris@computersalat.de
- fix for bnc#831896
* multiple XSS issues (+ a SQL injection and full path disclosure flaw)
* fix for PMASA-2013-9 (CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-11 (CWE-300 CWE-79)
* fix for PMASA-2013-12 (CWE-661 CWE-200)
* fix for PMASA-2013-13 (CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-14 (CWE-661 CWE-79)
* fix for PMASA-2013-15 (CWE-661 CWE-89 CWE-269)
* fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79)
* fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79)
* fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200)
* fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79)
* fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269)
- update to 4.0.4.2 (2013-07-28)
* [security] fix unescaped parameter, see PMASA-2013-8
* [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
* [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
* [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9

View File

@ -34,7 +34,7 @@ Name: phpMyAdmin
Summary: Administration of MySQL over the web
License: GPL-2.0+
Group: Productivity/Networking/Web/Frontends
Version: 4.0.4.2
Version: 4.0.5
Release: 0
Url: http://www.phpMyAdmin.net
Source0: %{name}-%{version}-all-languages.tar.bz2