Accepting request 249177 from server:php:applications

fix for bnc#896635, CVE-2014-6300 (forwarded request 249176 from computersalat) OBS-URL: https://build.opensuse.org/request/show/249177 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/phpMyAdmin?expand=0&rev=74
2014-09-15 15:41:26 +00:00 · 2014-09-15 15:41:26 +00:00 · ae32758f02
commit ae32758f02
parent 1ecbacc03d 0ccee882b4
4 changed files with 14 additions and 4 deletions
--- a/phpMyAdmin-4.2.8-all-languages.tar.bz2
+++ b/phpMyAdmin-4.2.8-all-languages.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f2cf7ae0d4cc2e38f5bac6dbcb281e56e9738a669f7952e0c79fb09309f9f349
-size 6748400
--- a/phpMyAdmin-4.2.8.1-all-languages.tar.bz2
+++ b/phpMyAdmin-4.2.8.1-all-languages.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:32c00695a40d00f17583cde1f8ad9ea032817607c5371e8da159d40b8d4be2ee
+size 6752189
--- a/phpMyAdmin.changes
+++ b/phpMyAdmin.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Sun Sep 14 21:10:17 UTC 2014 - chris@computersalat.de
+
+- fix for bnc#896635
+  * update to 4.2.8.1 (2014-09-13)
+  * PMASA-2014-10 (CVE-2014-6300, CWE-661 CWE-352)
+    http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
+    - sf#4530 [security] DOM based XSS that results to a CSRF 
+      that creates a ROOT account in certain conditions
+
 -------------------------------------------------------------------
 Fri Sep  5 18:39:29 UTC 2014 - chris@computersalat.de

--- a/phpMyAdmin.spec
+++ b/phpMyAdmin.spec
@ -34,7 +34,7 @@ Name:           phpMyAdmin
 Summary:        Administration of MySQL over the web
 License:        GPL-2.0+
 Group:          Productivity/Networking/Web/Frontends
-Version:        4.2.8
+Version:        4.2.8.1
 Release:        0
 Url:            http://www.phpMyAdmin.net
 Source0:        http://sourceforge.net/projects/phpmyadmin/files/%{name}-%{version}-all-languages.tar.bz2