Accepting request 452521 from home:computersalat:devel:php

udpate to 4.6.6, fix for boo#1021597, several security fixes

OBS-URL: https://build.opensuse.org/request/show/452521
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=276

phpMyAdmin.changes

@@ -1,3 +1,78 @@
+-------------------------------------------------------------------
+Wed Jan 25 22:12:33 UTC 2017 - chris@computersalat.de
+
+- 4.6.6 (2017-01-23)
+  * gh#12759 Fix Notice regarding 'Undefined index: old_usergroup'
+  * gh#12760 Fix Notice regarding 'Undefined index: users'
+  * gh#12762 Fixed parsing of SQL with BINARY function
+  * gh#12588 ReCaptcha now works without allow_url_fopen
+  * gh#12699 Show no local storage warning only on settings tab
+  * gh#12778 Syntax Error in Adding/Changing TIMESTAMP columns with
+    default value as NULL
+  * gh#12769 Edit/Export links are not clickable under Routines tab
+  * gh#12757 Fixed creating new user with older MariaDB
+  * gh#12784 Remove ctype installation suggestion
+  * gh#12780 Format button replaces all text with blank spaces
+  * gh#12786 Fixed database searching
+  * gh#12792 Fixed javascript error on new version link
+  * gh#12785 Add information about required and suggested extensions
+    to composer.json
+  * gh#12801 Custom header shown twice with cookie login form
+  * gh#12802 Custom footer not shown with auth_type http login failure
+  * gh#12434 Improve documentation for servers running with Suhosin
+  * gh#12800 Updated embedded phpSecLib to 2.0.4
+  * gh#12800 Fixed various issues with PHP 7.1
+  * gh#11816 Fixed operation with lower_case_table_names=2
+  * gh#12813 Fixed stored procedure execution
+  * gh#12826 Honor user configured connection collation
+  * gh#12293 Correctly report OpenSSL errors from cookie encryption
+  * gh#12814 DateTime won't allow to input length in Routine editor
+  * gh#12840 Fix Notice regarding 'Undefined index: row_format' when
+    altering table options
+  * gh#12841 Fixed moving of columns with whitespace in name
+  * gh#12847 Fixed editing of virtual columns
+  * gh#12859 Changed WHERE condition to 0 instead of 1 for SQL query
+    window to avoid accidents
+  * gh#12872 Use same query for display and execution when dropping
+    index
+  * gh#12868 Fix check for user groups freatures being enabled
+  * gh#12876 Fix notices and warning related to dbs_to_test global
+  * gh#12831 Fix table formatting on Insert tab, which mostly
+    affected row highlighting
+  * gh#12495 Reintroduced phpinfo page with limited capabilities
+  * gh#12861 Fix renaming tables with lower_case_table_names=2
+  * gh#12876 Fix possible PHP error in navigation
+  * gh#12881 Fix database search with newer php-gettext
+  * gh#12894 Fix linter error on unterminated variable name
+  * gh#12732 Fixed filtering for active processes
+- fix for boo#1021597
+  * PMASA-2016-44 (CVE-2016-6621, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2016-44/
+    - Multiple vulnerabilities in setup script
+  * PMASA-2017-1 ( CVE-Nya, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2017-1/
+    - Open redirect
+  * PMASA-2017-2 ( CVE-2015-8980, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2017-2/
+    - php-gettext code execution
+  * PMASA-2017-3 ( CVE-Nya, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2017-3/
+    - DOS vulnerabiltiy in table editing
+  * PMASA-2017-4 ( CVE-Nya, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2017-4/
+    - CSS injection in themes
+  * PMASA-2017-5 ( CVE-Nya, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2017-5/
+    - Cookie attribute injection attack
+  * PMASA-2017-6 ( CVE-Nya, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2017-6/
+    - SSRF in replication
+  * PMASA-2017-7 ( CVE-Nya, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2017-7/
+    - DOS in replication status
+- remove obsolete phpMyAdmin-12757_sql_syntax_errror.patch
+- rework phpMyAdmin-config.patch
+
 -------------------------------------------------------------------
 Thu Jan 19 17:42:49 UTC 2017 - ecsos@opensuse.org