Commit Graph

380 Commits

Author SHA256 Message Date
Dominique Leuenberger
922c6cc92c Accepting request 953741 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/953741
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=176
2022-02-11 22:10:15 +00:00
e87d5fb617 Accepting request 953740 from home:ecsos:server
- Update to 5.1.3

OBS-URL: https://build.opensuse.org/request/show/953740
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=372
2022-02-11 13:15:50 +00:00
Dominique Leuenberger
2ea466dc60 Accepting request 948084 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/948084
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=175
2022-01-23 11:15:46 +00:00
bb5a9191ee Accepting request 948083 from home:ecsos:server
- Update to 5.1.2
  This is a security and bufix release.
  * Security
    - Fix boo#1195017 (CVE-2022-23807, PMASA-2022-1, CWE-661) 
      Two factor authentication bypass
    - Fix boo#1195018 (CVE-2022-23808, PMASA-2022-2, CWE-661)
      Multiple XSS and HTML injection attacks in setup script
  * Bugfixes
    - Revert a changed to $cfg['CharTextareaRows'] allow values
      less than 7
    - Fix encoding of enum and set values on edit value
    - Fixed possible "Undefined index: clause_is_unique" error
    - Fixed some situations where a user is logged out when working
      with more than one server
    - Fixed a problem with assigning privileges to a user using the
      multiselect list when the database name has an underscore
    - Enable cookie parameter "SameSite" when the PHP version
      is 7.3 or newer
    - Correctly handle the removal of "innodb_file_format" in
      MariaDB and MySQL

OBS-URL: https://build.opensuse.org/request/show/948083
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=371
2022-01-22 10:32:31 +00:00
a5aba848d7 Accepting request 948077 from home:ecsos:server
- Update to 5.1.2
  This is a security and bufix release.
  * Security
    - Fix (CVE-2022-23807, PMASA-2022-1, CWE-661) 
      Two factor authentication bypass
    - Fix (CVE-2022-23808, PMASA-2022-2, CWE-661)
      Multiple XSS and HTML injection attacks in setup script
  * Bugfixes
    - Revert a changed to $cfg['CharTextareaRows'] allow values
      less than 7
    - Fix encoding of enum and set values on edit value
    - Fixed possible "Undefined index: clause_is_unique" error
    - Fixed some situations where a user is logged out when working
      with more than one server
    - Fixed a problem with assigning privileges to a user using the
      multiselect list when the database name has an underscore
    - Enable cookie parameter "SameSite" when the PHP version
      is 7.3 or newer
    - Correctly handle the removal of "innodb_file_format" in
      MariaDB and MySQL

OBS-URL: https://build.opensuse.org/request/show/948077
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=370
2022-01-22 10:13:19 +00:00
Dominique Leuenberger
5a6af0d24a Accepting request 897669 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/897669
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=174
2021-06-05 21:31:41 +00:00
b4b9d8801a Accepting request 897667 from home:ecsos:server
- Update to 5.1.1
  - Fixes for several PHP errors
  - Fixes for "$cfg['DefaultTabDatabase']" and other related configuration directives not working properly
  - Fix Yaml export to quote strings even when they are numeric
  - Fix TCPDF open_basedir issue due to internal guessing code from TCPDF
  - Fix for quick search not working when using more than one configured server
    Fix datetime decimals displayed (.00000) after edit
  - Fix new lines in text fields are doubled
  - Fixed URL generation by removing un-needed & escaping for & char
  - Improvements for working with PHP 8.1
  - Improved handling of adding a new user with the Percona database server
  
  For a detail cahngelog see: 
  https://demo.phpmyadmin.net/master-config/index.php?route=/changelog

OBS-URL: https://build.opensuse.org/request/show/897667
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=368
2021-06-05 10:42:42 +00:00
Dominique Leuenberger
39281f3704 Accepting request 875362 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/875362
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=173
2021-02-26 21:00:09 +00:00
ea969ed219 Accepting request 875360 from home:ecsos:server
- Update to 5.1.0
  - issue #15350 Change Media (MIME) type references to Media type
  - issue #15377 Add a request router
  - issue        Automatically focus input in the two-factor authentication window
  - issue #15509 Replace gender-specific pronouns with gender-neutral pronouns
  - issue #15491 Improve complexity of generated passwords
  - issue #14909 Add a configuration option to define the 1st day of week
  - issue #12726 Made user names clickable in user accounts overview
  - issue #15729 Improve virtuality dropdown for MariaDB > 10.1
  - issue #15312 Added an option to perform ALTER ONLINE (ALGORITHM=INPLACE) 
    when editing a table structure
  - issue        Added missing 'IF EXISTS' to 'DROP EVENT' when exporting databases
  - issue #15232 Improve the padding in query result tool links
  - issue #15064 Support exporting raw SQL queries
  - issue #15555 Added ip2long transformation
  - issue #15194 Fixed horizontal scroll on structure edit page
  - issue #14820 Move table hide buttons in navigation to avoid hiding a table by mistake
  - issue #14947 Use correct MySQL version if the version is 8.0 or above for documentation links
  - issue #15790 Use "MariaDB Documentation" instead of "MySQL Documentation" on a MariaDB server
  - issue #15880 Change "Show Query" link to a button
  - issue #13371 Automatically toggle the radio button to "Create a page and save it" on Designer
  - issue #12969 Tap and hold will not dismiss the error box anymore, you can now copy the error
  - issue #15582 Don't disable "Empty" table button after clicking it
  - issue #15662 Stay on the structure page after editing/adding/dropping indexes
  - issue #15663 show structure after adding a column
  - issue #16005 Remove symfony/yaml dependency
  - issue #16005 Improve performance of dependency injection system by removing yaml parsing
  - issue #15447 Disable phpMyAdmin storage database checkbox on databases list
  - issue #16001 Add autocomplete attributes on login form
  - issue #13519 Add "Preview SQL" option on Index dialog box when creating a new table
  - issue #15954 Fixed export maximal length of created query input is too small
  - issue        Redesign the server status advisor page
  - issue #13124 Use same height for SQL query textarea and Columns select in SQL page
  - issue #16005 Add a new vendor constant "CACHE_DIR" that defaults 
    to "libraries/cache/" and store routing cache into this folder
  - issue #16005 Warm-up the routing cache before building the release
  - issue #16005 Use --optimize-autoloader when installing composer vendors before building the release
  - issue #15992 Add back the table name to the printable version on "Structure" page
  - issue #14815 Allow simplifying exported view syntax to only "CREATE VIEW"
  - issue #15496 Add $cfg['CaptchaSiteVerifyURL'] for Google ReCaptcha siteVerifyUrl
  - issue #14772 Add the password_hash PHP function as an option when inserting data
  - issue #15136 Add a notice for Hex converter giving invalid results
  - issue #16139 Use a textarea for JSON columns
  - issue #16223 Make JSON input transformation editor less narrow
  - issue #14340 Add a button on Export Page to show the SQL Query
  - issue #16304 Add support for INET6 column type
  - issue #16337 Fix example insert/update query default values
  - issue #12961 Remove indexes from table relation
  - issue #13557 Use a full list of functions instead of a separated one on insert/edit page "Function" selector
  - issue #14795 Include routines in the export in a predictable order
  - issue #16227 Fixed autocomplete is not working in case the table name is quoted by "`" symbols
  - issue #15463 Force BINARY comparison when looking at privileges to avoid an SQL error on privileges tab
  - issue #16430 Fixed Windows error message uses trailing / instead of \
  - issue #16316 Added support for "SameSite=Strict" on cookies using configuration "$cfg['CookieSameSite']"
  - issue #16451 Fixed AWS RDS IAM authentication doesn't work because pma_password is truncated
  - issue #16451 Show an error message when the security limit is 
    reached instead of silently trimming the password to avoid confusion
  - issue #15001 Add back Login Cookie Validity setting to the features form
  - issue #16457 Add config parameters to support third-party ReCaptcha v2 compatible APIs like hCaptcha
  - issue #13077 Moved tools section to left on large devices (Bootstrap xl)
  - issue #15711 Moved some buttons to left on large devices (Bootstrap xl)
  - issue #15584 Add $cfg['MysqlSslWarningSafeHosts'] to set the red text black when ssl is not used on a private network
  - issue #15652 Replace deprecated FOUND_ROWS() function call on "distinct values" feature
  - issue        Export blobs as hex on JSON export
  - issue #16095 Fix leading space not shown in a CHAR column when browsing a table
  - issue        Make procedures/functions SQL editor both side scrollable
  - issue #16407 Bump pragmarx/google2fa conflict to >8.0
  - issue #14953 Added a rename Button to use RENAME INDEX syntax of MySQL 5.7 (and MariaDB >= 10.5.2)
  - issue #16477 Fixed no Option to enter TABLE specific permissions when the database name contains an "_" (underscore)
  - issue #16498 Fixed empty text not appearing after deleting all Routines
  - issue #16467 Fixed a PHP notice "Trying to access array offset on value of type null" on Designer PDF export
  - issue #15658 Fixed saving UI displayed columns on a non database request fails
  - issue #16495 Fix drop tables checkbox is above the checkbox for foreign keys
  - issue #16485 Fix visual query builder missing "Build Query" button
  - issue #16565 Added 'IF EXISTS' to 'DROP EVENT' when updating events to avoid replication issues
  - issue        Removed metro fonts that where Apache-2.0 files that are incompatible with GPL-2.0
  - issue #16464 Made the relation view default to the current database when creating relations
  - issue #16463 Fixed 'REFERENCES' privilege checkbox's title on new MySQL versions and on MariaDB
  - issue #16405 Added jest as a Unit Testing tool for our javascript code
  - issue #16252 Fixed the too small font size when editing rows (textareas)
  - issue #16585 Fixed BLOB to JPG transformation PHP errors
  - issue        Made the console setup async to avoid blocking the page render
  - issue #16429 Use PHP 8.0 fixed version (commit) for TCPDF
  - issue #16005 Major performance improvements on browsing a lot of rows
  - issue #16595 Fixed editing columns having a `_` in their name in specific conditions
  - issue #16608 Fix "Sort by key" restore auto saved value
  - issue #16611 Fixed unable to add tables to rename aliases twice on Export
  - issue #16621 Fixed link HTML messed up in Advisor
  - issue #16622 Fixed Advisor formatting incorrect for long_query_time notice
  - issue #15389 Fixed reset current page indicator after deleting all rows to current page and not page 1
  - issue #15997 Fixed auto save query
  - issue #15997 Made auto saved query database or database+table independent
  - issue #16641 Fixed query generation that was allowing JSON to have a length
  - issue #15994 Fixed the selected value detection for "on update current_timestamp"
  - issue #16614 Fixed PHP 8.0 dataseek offset call to the MySQLI extension
  - issue #16662 Fixed Uncaught TypeError on "delete" button click of a database search results page
  - issue        Fixed Undefined index: selected_usr when the user tried to delete no selected user
  - issue #16657 Fixed the QBE interface when the configuration storage is not enabled
  - issue #16479 Fix our Selenium test-suite
  - issue #16669 Fixed table search modal for BETWEEN
  - issue #16667 Fixed LIKE and TINYINT in search not working properly
  - issue #16424 Fixed numerical search in table and zoom
  - issue        Improve the version handling (new Version class) and add a VERSION_SUFFIX for vendors
  - issue #14494 Fix uncaught TypeError when editing partitioning
  - issue #16525 Fix PHP 8.0 failing tests when comparing 0 to ''
  - issue #16429 Fixed PHP 8.0 errors on preg_replace and operand types
  - issue #16490 Fixed PHP 8.0 function libxml_disable_entity_loader() is deprecated
  - issue #16429 Fixed failing unit tests on PHP 8.0
  - issue #16609 Fixed Sql.rearrangeStickyColumns is not a function
- Rebase phpMyAdmin-config.patch.

OBS-URL: https://build.opensuse.org/request/show/875360
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=366
2021-02-26 12:00:15 +00:00
Dominique Leuenberger
8a0ed0afd1 Accepting request 858109 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/858109
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=172
2020-12-23 13:21:45 +00:00
fc86a38414 Accepting request 858101 from home:adkorte:branches:server:php:applications
- Use coreutils to generate blowfish secret to reduce dependencies
- Attempt to migrate modified configuration file rather than just
  replacing it by default configuration
- The apache subpackage must require the main package, otherwise it
  will not be uninstalled when the main package is uninstalled
- Generate blowfish secret and enable Apache modules/flags only on
  install
- Only empty temporary directory on upgrade/uninstall (not remove)
  to prevent RPM warnings/errors
- Don't empty directories not owned by this package (these should
  have been cleaned up by previous versions that owned them)

OBS-URL: https://build.opensuse.org/request/show/858101
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=364
2020-12-22 10:09:07 +00:00
Dominique Leuenberger
657eacfec6 Accepting request 855581 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/855581
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=171
2020-12-14 17:09:02 +00:00
6a9f734080 Accepting request 855568 from home:adkorte:branches:server:php:applications
- Use %apache_request_restart/%apache_restart_if_needed macros to restart
  apache in order to prevent unneccessary restarts

- Package language files in separately

- Put Apache configuration files in separate subpackage
- Generate blowfish secret with openssl on non-openSUSE systems as
  pwgen is not available

- Use system apache rpm macros

OBS-URL: https://build.opensuse.org/request/show/855568
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=362
2020-12-13 14:54:11 +00:00
Dominique Leuenberger
a4ed46c15e Accepting request 847421 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/847421
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=170
2020-11-25 18:29:36 +00:00
d5738e9737 Accepting request 847420 from home:ecsos:server
- Update to 5.0.4
  - issue #16245 Fix failed Zoom search clears existing values
  - issue        Fixed a PHP error when reporting a particular JS error
  - issue #16326 Fixed latitude and longitude swap for geometries in edit mode
  - issue #16032 Fix CREATE TABLE not being tracked when auto tracking is enabled
  - issue #16397 Fix compatibility problems with older PHP versions (also issue #16399)
  - issue #16396 Fix broken two-factor authentication
- Changes from 5.0.3
  - https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_5_0_3/ChangeLog
- Changes from 5.0.2
  - https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_5_0_2/ChangeLog
- Changes from 5.0.1
  - https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_5_0_1/ChangeLog
- Changes from 5.0.0
  - https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_5_0_0/ChangeLog
- Set php >= 7.4 as recommends because:
  Due to changes in the MySQL authentication method, PHP versions 
  prior to 7.4 are unable to authenticate to a MySQL 8.0 or newer 
  server (our tests show the problem actually began with MySQL 8.0.11).
  This relates to a PHP bug https://bugs.php.net/bug.php?id=76243.
- Remove Suggests: php-mcrypt as described in boo#1050980
- Change tmpdir from ap_docroot/tmp to localstatedir/cache/phpMyAdmin.

OBS-URL: https://build.opensuse.org/request/show/847420
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=360
2020-11-10 08:40:14 +00:00
Dominique Leuenberger
255a824de9 Accepting request 842100 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/842100
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=169
2020-10-18 14:30:51 +00:00
e90fa0ce35 Accepting request 842056 from home:AndreasStieger:branches:server:php:applications
phpMyAdmin 4.9.7

OBS-URL: https://build.opensuse.org/request/show/842056
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=358
2020-10-16 12:08:49 +00:00
Dominique Leuenberger
fac909dffd Accepting request 841132 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/841132
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=168
2020-10-12 11:59:32 +00:00
97c0a49cac Accepting request 841131 from home:ecsos:server
- Update to 4.9.6
    This is a security release.
- Fix boo#1177561 (CVE-2020-26934, PMASA-2020-5) XSS relating to
  the transformation feature
- Fix boo#1177562 (CVE-2020-26935, PMASA-2020-6) SQL injection 
  vulnerability in SearchController

OBS-URL: https://build.opensuse.org/request/show/841131
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=356
2020-10-12 06:40:27 +00:00
Dominique Leuenberger
3e68e7d9f7 Accepting request 799854 from server:php:applications
fix for boo#1170743 (forwarded request 799851 from computersalat)

OBS-URL: https://build.opensuse.org/request/show/799854
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=167
2020-05-03 20:47:29 +00:00
Christian Wittmer
fabe47cb05 Accepting request 799851 from home:computersalat:devel:php
fix for boo#1170743

OBS-URL: https://build.opensuse.org/request/show/799851
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=354
2020-05-03 15:30:54 +00:00
Christian Wittmer
f5c64e65a3 Accepting request 799642 from home:adkorte:branches:server:php:applications
- Don't expand @FQDN@ from /etc/HOSTNAME (this used to set $cfg['PmaAbsoluteUri'] parameter, but this variable is no longer in the config.sample.ini file)

OBS-URL: https://build.opensuse.org/request/show/799642
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=353
2020-05-02 23:46:46 +00:00
Dominique Leuenberger
6db948484a Accepting request 798649 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/798649
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=166
2020-04-28 20:32:33 +00:00
Dirk Stoecker
dd077342c3 Accepting request 796504 from home:dimstar:Factory
- Drop python-devel BuildRequires: python2 is EOL and this seems
  unused.
- Drop xz BuildRequires: OBS takes care of unpacking the tarball.

OBS-URL: https://build.opensuse.org/request/show/796504
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=351
2020-04-28 11:42:32 +00:00
Dominique Leuenberger
2df81e202e Accepting request 787669 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/787669
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=165
2020-03-27 20:56:17 +00:00
2a522d4def Accepting request 787592 from home:AndreasStieger:branches:server:php:applications
add bug IDs for 4.9.5 release

OBS-URL: https://build.opensuse.org/request/show/787592
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=349
2020-03-24 06:38:27 +00:00
Dominique Leuenberger
3cef812359 Accepting request 787359 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/787359
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=164
2020-03-23 11:51:20 +00:00
bc02fff1c5 Accepting request 787358 from home:ecsos:server
- Update to 4.9.5
  This is a security release containing several bug fixes.
  * PMASA-2020-2 SQL injection vulnerability in the user accounts
    page, particularly when changing a password
  * PMASA-2020-3 SQL injection vulnerability relating to the search
    feature
  * PMASA-2020-4 SQL injection and XSS having to do with displaying
    results
  * Removing of the "options" field for the external
    transformation.

OBS-URL: https://build.opensuse.org/request/show/787358
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=347
2020-03-23 07:52:31 +00:00
Dominique Leuenberger
601b7228df Accepting request 766405 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/766405
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=163
2020-01-28 09:54:09 +00:00
9f3e47e4c7 Accepting request 766403 from home:computersalat:devel:php
fix for boo#1092345, change ap_docroot from /srv/www/htdocs to /usr/share

OBS-URL: https://build.opensuse.org/request/show/766403
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=345
2020-01-22 19:44:52 +00:00
Dominique Leuenberger
44c9416583 Accepting request 761881 from server:php:applications
fix for boo#1160456 (PMASA-2020-1, CVE-2020-5504) (forwarded request 761879 from computersalat)

OBS-URL: https://build.opensuse.org/request/show/761881
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=162
2020-01-08 16:57:29 +00:00
Christian Wittmer
930a63549c Accepting request 761879 from home:computersalat:devel:php
fix for boo#1160456 (PMASA-2020-1, CVE-2020-5504)

OBS-URL: https://build.opensuse.org/request/show/761879
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=343
2020-01-08 14:52:55 +00:00
Dominique Leuenberger
93de87a6ec Accepting request 760059 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/760059
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=161
2019-12-31 09:28:12 +00:00
294a43571f Accepting request 760058 from home:ecsos:server
Update to 4.9.3.
Last version which is compatible with php7 < 7.4

OBS-URL: https://build.opensuse.org/request/show/760058
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=341
2019-12-30 15:50:22 +00:00
Dominique Leuenberger
ecf0455293 Accepting request 750630 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/750630
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=160
2019-11-25 10:25:35 +00:00
760e1a8581 Accepting request 750415 from home:AndreasStieger:branches:server:php:applications
phpMyAdmin 4.9.2 CVE-2019-18622 boo#1157614

OBS-URL: https://build.opensuse.org/request/show/750415
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=339
2019-11-24 17:54:18 +00:00
Dominique Leuenberger
c58adef988 Accepting request 732410 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/732410
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=159
2019-09-23 10:39:12 +00:00
cbdc83f4f9 Accepting request 732397 from home:AndreasStieger:branches:server:php:applications
phpMyAdmin 4.9.1 CVE-2019-12922 boo#1150914

OBS-URL: https://build.opensuse.org/request/show/732397
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=337
2019-09-21 20:28:19 +00:00
Dominique Leuenberger
c31c698050 Accepting request 712644 from server:php:applications
fix changelog (forwarded request 712643 from computersalat)

OBS-URL: https://build.opensuse.org/request/show/712644
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=158
2019-07-01 08:44:30 +00:00
Christian Wittmer
60d7c81750 Accepting request 712643 from home:computersalat:devel:php
fix changelog

OBS-URL: https://build.opensuse.org/request/show/712643
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=335
2019-06-30 13:18:37 +00:00
Dominique Leuenberger
577824adb4 Accepting request 707877 from server:php:applications
- phpMyAdmin 4.9.0.1:
  * CVE-2019-11768: PMASA-2019-3 is an SQL injection flaw in the 
    Designer feature
  * CVE-2019-12616: PMASA-2019-4 is a CSRF attack that's possible 
    through the 'cookie' login form
  * Several issues with SYSTEM VERSIONING tables
  * Fixed json encode error in export
  * Fixed JavaScript events not activating on input 
    (sql bookmark issue)
  * Show Designer combo boxes when adding a constraint
  * Fix edit view
  * Fixed invalid default value for bit field
  * Fix several errors relating to GIS data types
  * Fixed javascript error PMA_messages is not defined
  * Fixed import XML data with leading zeros
  * Fixed php notice, added support for 'DELETE HISTORY' table
    privilege (MariaDB >= 10.3.4)
  * Fixed MySQL 8.0.0 issues with GIS display
  * Fixed "Server charset" in "Database server" tab showing wrong 
    information
  * Fixed can not copy user on Percona Server 5.7
  * Updated sql-parser to version 4.3.2, which fixes several 
    parsing and linting problems

OBS-URL: https://build.opensuse.org/request/show/707877
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=157
2019-06-06 16:18:07 +00:00
5f11dca664 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=333 2019-06-05 15:23:18 +00:00
20dbc2b47f OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=332 2019-06-05 15:23:11 +00:00
14d28329f7 Accepting request 707875 from home:ecsos:server
- phpMyAdmin 4.9.0.1:
  * CVE-2019-11768: PMASA-2019-3 is an SQL injection flaw in the 
    Designer feature
  * CVE-2019-12616: PMASA-2019-4 is a CSRF attack that's possible 
    through the 'cookie' login form
  * Several issues with SYSTEM VERSIONING tables
  * Fixed json encode error in export
  * Fixed JavaScript events not activating on input 
    (sql bookmark issue)
  * Show Designer combo boxes when adding a constraint
  * Fix edit view
  * Fixed invalid default value for bit field
  * Fix several errors relating to GIS data types
  * Fixed javascript error PMA_messages is not defined
  * Fixed import XML data with leading zeros
  * Fixed php notice, added support for 'DELETE HISTORY' table
    privilege (MariaDB >= 10.3.4)
  * Fixed MySQL 8.0.0 issues with GIS display
  * Fixed "Server charset" in "Database server" tab showing wrong 
    information
  * Fixed can not copy user on Percona Server 5.7
  * Updated sql-parser to version 4.3.2, which fixes several 
    parsing and linting problems

OBS-URL: https://build.opensuse.org/request/show/707875
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=331
2019-06-05 15:15:28 +00:00
Stephan Kulow
f871c84738 Accepting request 671018 from server:php:applications
OBS-URL: https://build.opensuse.org/request/show/671018
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=156
2019-02-04 13:26:13 +00:00
8637961872 Accepting request 670630 from home:AndreasStieger:branches:server:php:applications
- phpMyAdmin 4.8.5:
  * CVE-2019-6799: Arbitrary file read vulnerability (PMASA-2019-1,
    bsc#1123272)
  * CVE-2019-6798: SQL injection in the Designer interface
    PMASA-2019-2, bsc#1123271)

OBS-URL: https://build.opensuse.org/request/show/670630
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=329
2019-02-04 10:50:07 +00:00
Dominique Leuenberger
b9453b858d Accepting request 657517 from server:php:applications
- update to 4.8.4 (2018-12-11)
  - gh#14452 Remove hash param in edit query URL
  - gh#14295 Issue in Changing theme
  - gh#13267 Ensure that database names with '.' are handled 
    properly when DisableIS is true
  - gh#14438 Invisible Icon "Show Full Queries"
  - gh#14133 CSS issue in Designer
  - gh#14447 Error while copying database (pma__column_info)
  - gh#14571 "No database selected" - DROP a view
  - gh#14636 Move operation causes SELECT * FROM `undefined`
  - gh#14630 Enum '0' produces incorrect search SQL
  - gh#14223 Fix TypeError in database designer
  - gh#13621 QBE selenium tests broken since merge of #13342
  - gh#14672 When logging with $cfg['AuthLog'] to syslog, 
    successful login messages were not logged even if 
    $cfg['AuthLogSuccess'] was true.
  - gh#14339 Fix infinite loop when sorting table rows by key.
  - gh#14658 Regression on multi table query functionality 
    (foreign keys)
  - gh#14617 Fix designer errors when database is empty
  - gh#13032 Fix designer errors when database contains special 
    chars
  - gh#14352 Fix designer javascript errors
  - gh#14764 Fix left/right icons hidden
- fix for boo#1119245
  - PMASA-2018-6 (CVE-2018-19968, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2018-6/
  - PMASA-2018-7 (CVE-2018-19969, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2018-7/
  - PMASA-2018-8 (CVE-2018-19970, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2018-8/

OBS-URL: https://build.opensuse.org/request/show/657517
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=155
2018-12-12 16:31:47 +00:00
10633498f7 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=327 2018-12-12 11:38:44 +00:00
1ba43e16c0 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=326 2018-12-12 11:36:29 +00:00
21efefd35e Accepting request 657509 from home:ecsos:server
- update to 4.8.4 (2018-12-11)
- fix for boo#???
  - PMASA-2018-6 (CVE-2018-19968, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2018-6/
  - PMASA-2018-7 (CVE-2018-19969, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2018-7/
  - PMASA-2018-8 (CVE-2018-19970, CWE-661)
    https://www.phpmyadmin.net/security/PMASA-2018-8/

OBS-URL: https://build.opensuse.org/request/show/657509
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=325
2018-12-12 11:09:55 +00:00