From d443b7b40da056f6fadc144c5afd0a7b98167c67f23eb556847119cc1bfdee6a Mon Sep 17 00:00:00 2001 From: Christian Wittmer Date: Fri, 22 Jun 2018 13:56:00 +0000 Subject: [PATCH] Accepting request 618497 from home:computersalat:devel:php update to 4.8.2, fix for boo#1098751, PMASA-2018-3 (CVE-2018-12581), PMASA-2018-4 (CVE-2018-12613) OBS-URL: https://build.opensuse.org/request/show/618497 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=318 --- phpMyAdmin-4.8.1-all-languages.tar.xz | 3 --- phpMyAdmin-4.8.1-all-languages.tar.xz.asc | 16 -------------- phpMyAdmin-4.8.2-all-languages.tar.xz | 3 +++ phpMyAdmin-4.8.2-all-languages.tar.xz.asc | 16 ++++++++++++++ phpMyAdmin.changes | 27 +++++++++++++++++++---- phpMyAdmin.spec | 2 +- 6 files changed, 43 insertions(+), 24 deletions(-) delete mode 100644 phpMyAdmin-4.8.1-all-languages.tar.xz delete mode 100644 phpMyAdmin-4.8.1-all-languages.tar.xz.asc create mode 100644 phpMyAdmin-4.8.2-all-languages.tar.xz create mode 100644 phpMyAdmin-4.8.2-all-languages.tar.xz.asc diff --git a/phpMyAdmin-4.8.1-all-languages.tar.xz b/phpMyAdmin-4.8.1-all-languages.tar.xz deleted file mode 100644 index d5a81e4..0000000 --- a/phpMyAdmin-4.8.1-all-languages.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3bf228f026899acc0c016446501317bfb58938d6bd3816fe90a702e3f401f913 -size 5916536 diff --git a/phpMyAdmin-4.8.1-all-languages.tar.xz.asc b/phpMyAdmin-4.8.1-all-languages.tar.xz.asc deleted file mode 100644 index ff15e27..0000000 --- a/phpMyAdmin-4.8.1-all-languages.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAlsHerwACgkQznUvF4JZ -vZIgKRAAqG5CAj0U5urpqhgTgnck0jnyaAvx/42kDb6Mhe6BmJ0/6hoqVoOpUw+o -TwS3rjGO9ffbDBrsj2e2TOALG2XQgj0gIqks54qpRmgr5KW/6wtGs9bp+FMX8u6s -0VBuiheMLOOhMm+ox+gHnjO6wp2r6gZkcdupqN6cBcnDbj2vQ7iZLX/DgquSo8VY -xfDNgwtwiy2leqd69LHYEIyblg7VZSAFHFeGtqaUByZ6E/8PiDHnNMSMW2OBvG9v -fLvLra1RFuCq7sv0gk01Wq4uoAlFa1kREbmESXelggAYHuk8bL8z+myAeXngNK1l -ijBsRAC7D0YJQ308mrLGrQo+xBLh2DE3y/wBALO9EWpinPNC9sUuAchz2vR6ZPsl -AlGWjikQfcEIzSo2bMT6l+4N2KI+hq6g/tud/LsaLQ4E8RvsjS30A3sT+FksiQrc -IXWKh4Hfpxfk/A2NWfH/2hnIBMghVSXfAWIwdLFkNAPCPMESaCCfZuDHCDLD1Dhn -Vuh436NE0cFEUTkW29biOeb/5cAjL9a3GiNHwrafixRIuBrKFtp1FNEswqb4wEyu -xKA2q8II3j5friGkJ56JuNZqESwtxL7DZ3oSYAtj8Ws5FZAmQ8DDA8JSr1e8KgRN -s1iFEY9Tw6kVGLU4afY2PGEbtmPNewqdMvYAcD8SRlHeiUIr/Ag= -=a68W ------END PGP SIGNATURE----- diff --git a/phpMyAdmin-4.8.2-all-languages.tar.xz b/phpMyAdmin-4.8.2-all-languages.tar.xz new file mode 100644 index 0000000..38ac6ab --- /dev/null +++ b/phpMyAdmin-4.8.2-all-languages.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2b42e75274ab078a0c2ca3aff767f45d1d81849f9f762a2ed0674819f061ba1d +size 5914400 diff --git a/phpMyAdmin-4.8.2-all-languages.tar.xz.asc b/phpMyAdmin-4.8.2-all-languages.tar.xz.asc new file mode 100644 index 0000000..f1ffb5b --- /dev/null +++ b/phpMyAdmin-4.8.2-all-languages.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEPQalns5zDrcbURwXznUvF4JZvZIFAlsr3Y4ACgkQznUvF4JZ +vZLpLw/+Ies53g2QsEuK23Gi5XdcYgRr7J2J4QxddSA1hOybr9WYSPNcvk6fBNxP +62n3qiggSJzU6M34qInVu2HhvSAx3lYMdcAyHM522CbAFwMY1smNHIbhUokF84IF +1cbICSpgkC6lMKR5MgmIr6UaWTeyVvu0PAg+tdWwxYx1zVSZuRZoEjxeBYmYyoRT +9oIwk3fAKB6hQBoTQs/fZ+/cwwpqGOUrpDVOxWxkIlKUmsLrGLueDdTHeAFf2UtV +mSHyW3q9MEarUYrP8DvIdZ+WyeMD4ucK4vwNZNom1RplbwkRAPuRhFY7ZAMH7soj +iRQMLjZdeaCABllRG/bBkLBk0pPuF+ATwPVGPgeJAzilMEKLnhxflLprvEF+U9pK +UEfdSMyJQwjxTKdUj8SOnj4LH0T4MwhS67ZiyWnsmxaKlwnylvEVup81OAZDXxtU +7Aab49Ii5KBQcdOcNyzgC3QzEzUaP6MckS9Hb92zVyEpbCAuFHqoCFhbMa7H+lUk +TaoInWGKb9CbAKYtj0QiDYH9AER7xiXabpRvZS7oWRQ7D2xgROno5ElPOB52rGca +9/TTvtR48rGoLqHsZ4fyhyh4Th0Zx1Gvq1uxRZmaqBpQ3CxwLNovzO70/HS9MiRK +Q2ZBkvqWVuG7tDviqo/uGFDgX95okbMm43XdbjulOusHJ1PzeWo= +=1kw6 +-----END PGP SIGNATURE----- diff --git a/phpMyAdmin.changes b/phpMyAdmin.changes index 20ec495..0a5c32a 100644 --- a/phpMyAdmin.changes +++ b/phpMyAdmin.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Fri Jun 22 13:44:04 UTC 2018 - chris@computersalat.de + +- update to 4.8.2 (2018-06-21) + * issue #14370 WHERE 0 causes Fatal error + * issue #14225 Fix missing index icon +- fix for boo#1098751 + * PMASA-2018-3 (CVE-2018-12581, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2018-3/ + - XSS in Designer feature + * PMASA-2018-4 (CVE-2018-12613, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2018-4/ + - File inclusion and remote code execution attack +- some minor changelog fixes about security fix entries + ------------------------------------------------------------------- Sat May 26 08:32:00 UTC 2018 - ecsos@opensuse.org @@ -31,8 +46,10 @@ Sat May 26 08:32:00 UTC 2018 - ecsos@opensuse.org Fri Apr 20 09:55:08 UTC 2018 - ecsos@opensuse.org - update to 4.8.0.1 (2018-04-19) - * Fix [security] Multiple CSRF vulnerabilities, See PMASA-2018-02 - (boo#1090309, CVE-2018-10188) +- fix for boo#1090309 + * PMASA-2018-2 (CVE-2018-10188, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2018-2/ + - Multiple CSRF vulnerabilities ------------------------------------------------------------------- Wed Apr 11 20:02:26 UTC 2018 - ecsos@opensuse.org @@ -136,11 +153,13 @@ Tue Mar 6 13:43:10 UTC 2018 - ecsos@opensuse.org Thu Feb 22 20:30:07 UTC 2018 - astieger@suse.com - phpMyAdmin 4.7.8: - * CVE-2018-7260: self-cross site scripting (XSS) vulnerability - in the central columns feature (boo#1082188) * Fixed error handling with PHP 7.2 * Fixed resetting default setting values * Fixed fallback value for collation connection +- fix for boo#1082188 + * PMASA-2018-1 (CVE-2018-7260, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2018-1/ + - Fix XSS in Central Columns Feature ------------------------------------------------------------------- Mon Dec 25 19:14:32 UTC 2017 - astieger@suse.com diff --git a/phpMyAdmin.spec b/phpMyAdmin.spec index 472f04b..3326b2d 100644 --- a/phpMyAdmin.spec +++ b/phpMyAdmin.spec @@ -29,7 +29,7 @@ %define ap_grp nogroup %endif Name: phpMyAdmin -Version: 4.8.1 +Version: 4.8.2 Release: 0 Summary: Administration of MySQL over the web License: GPL-2.0-or-later