Accepting request 185995 from home:julianladisch:branches:server:php:applications

update to 4.0.5 (2013-08-04) OBS-URL: https://build.opensuse.org/request/show/185995 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=70
2013-08-06 11:00:18 +00:00 · 2013-08-06 11:00:18 +00:00 · e72432a122
commit e72432a122
parent 67da26ad23
4 changed files with 41 additions and 10 deletions
--- a/phpMyAdmin-4.0.4.2-all-languages.tar.bz2
+++ b/phpMyAdmin-4.0.4.2-all-languages.tar.bz2
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:aadbe787db33c6da6abfddfd8b16b4adbb2beb204558db88970347f3b8f699e9
 size 5768927
--- a/phpMyAdmin-4.0.5-all-languages.tar.bz2
+++ b/phpMyAdmin-4.0.5-all-languages.tar.bz2
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:09597049327057a67027f4101ec976eae57a1e20115dbf37ba3caf4348981128
 size 6083117
--- a/phpMyAdmin.changes
+++ b/phpMyAdmin.changes
@ -1,15 +1,46 @@
 -------------------------------------------------------------------
 Mon Aug  5 21:51:23 UTC 2013 - obs@ladisch.de
 - update to 4.0.5 (2013-08-04)
  + sf#3977 Not detected configuration storage
  + sf#3970 Pressing enter in the filter field reloads page
  + sf#3984 Cannot insert in this table (PHP < 5.4)
  + sf#3989 Reloading privileges does not update the interface
  + sf#3960 NavigationBarIconic config not honored
  + sf#3985 Call to undefined function mb_detect_encoding
  + sf#4007 Analyze option not shown for InnoDB tables
  + sf#4015 Forcing a storage engine for configuration storage
  + bug Incorrect Drizzle 7 detection
  + sf#4019 Create database if not exists (export): add an option to the
    interface to enable generating CREATE DATABASE and USE (false by default)
  + sf#4012 Crash on CSV file import
  + sf#4009 Statistic Monitor shows only last 3 digits in graph
  + sf#3998 Non-permanent SQL history not working
  + sf#3578 Transformations for text/plain on a BLOB column
  + [security] Improved protection against cross framing, see PMASA-2013-10
    (CVE-2013-5029 CWE-661 CWE-693) 
  + Reinstated configuration directive: AllowThirdPartyFraming
 -------------------------------------------------------------------
 Mon Aug  5 21:32:45 UTC 2013 - obs@ladisch.de
 - fix for bug sf#4038: PMASA-2013-8 not mentioned in 4.0.4.2 changes
 - add CVEs to 4.0.4.2 changes
 -------------------------------------------------------------------
 Mon Jul 29 20:07:45 UTC 2013 - chris@computersalat.de
 - fix for bnc#831896
  * multiple XSS issues (+ a SQL injection and full path disclosure flaw)
-  * fix for PMASA-2013-9 (CWE-661 CWE-79 CWE-80)
+  * fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79)
-  * fix for PMASA-2013-11 (CWE-300 CWE-79)
+  * fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80)
-  * fix for PMASA-2013-12 (CWE-661 CWE-200)
+  * fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79)
-  * fix for PMASA-2013-13 (CWE-661 CWE-79 CWE-80)
+  * fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200)
-  * fix for PMASA-2013-14 (CWE-661 CWE-79)
+  * fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80)
-  * fix for PMASA-2013-15 (CWE-661 CWE-89 CWE-269)
+  * fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79)
  * fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269)
 - update to 4.0.4.2 (2013-07-28)
  * [security] fix unescaped parameter, see PMASA-2013-8 
  * [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
  * [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
  * [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
--- a/phpMyAdmin.spec
+++ b/phpMyAdmin.spec
@ -34,7 +34,7 @@ Name:           phpMyAdmin
 Summary:        Administration of MySQL over the web
 License:        GPL-2.0+
 Group:          Productivity/Networking/Web/Frontends
-Version:        4.0.4.2
+Version:        4.0.5
 Release:        0
 Url:            http://www.phpMyAdmin.net
 Source0:        %{name}-%{version}-all-languages.tar.bz2