rpm/phpMyAdmin
SHA256
1
0
Fork 0
forked from pool/phpMyAdmin
Code Pull Requests Activity

Accepting request 185995 from home:julianladisch:branches:server:php:applications

Browse Source 
update to 4.0.5 (2013-08-04)

OBS-URL: https://build.opensuse.org/request/show/185995
OBS-URL: https://build.opensuse.org/package/show/server:php:applications/phpMyAdmin?expand=0&rev=70
This commit is contained in:
Christian Wittmer
2013-08-06 11:00:18 +00:00
committed by Git OBS Bridge
parent 67da26ad23
commit e72432a122
4 changed files with 41 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
phpMyAdmin.changes
View File

@@ -1,15 +1,46 @@
-------------------------------------------------------------------
Mon Aug 5 21:51:23 UTC 2013 - obs@ladisch.de
- update to 4.0.5 (2013-08-04)
+ sf#3977 Not detected configuration storage
+ sf#3970 Pressing enter in the filter field reloads page
+ sf#3984 Cannot insert in this table (PHP < 5.4)
+ sf#3989 Reloading privileges does not update the interface
+ sf#3960 NavigationBarIconic config not honored
+ sf#3985 Call to undefined function mb_detect_encoding
+ sf#4007 Analyze option not shown for InnoDB tables
+ sf#4015 Forcing a storage engine for configuration storage
+ bug Incorrect Drizzle 7 detection
+ sf#4019 Create database if not exists (export): add an option to the
interface to enable generating CREATE DATABASE and USE (false by default)
+ sf#4012 Crash on CSV file import
+ sf#4009 Statistic Monitor shows only last 3 digits in graph
+ sf#3998 Non-permanent SQL history not working
+ sf#3578 Transformations for text/plain on a BLOB column
+ [security] Improved protection against cross framing, see PMASA-2013-10
(CVE-2013-5029 CWE-661 CWE-693)
+ Reinstated configuration directive: AllowThirdPartyFraming
-------------------------------------------------------------------
Mon Aug 5 21:32:45 UTC 2013 - obs@ladisch.de
- fix for bug sf#4038: PMASA-2013-8 not mentioned in 4.0.4.2 changes
- add CVEs to 4.0.4.2 changes
-------------------------------------------------------------------
Mon Jul 29 20:07:45 UTC 2013 - chris@computersalat.de
- fix for bnc#831896
* multiple XSS issues (+ a SQL injection and full path disclosure flaw)
* fix for PMASA-2013-9 (CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-11 (CWE-300 CWE-79)
* fix for PMASA-2013-12 (CWE-661 CWE-200)
* fix for PMASA-2013-13 (CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-14 (CWE-661 CWE-79)
* fix for PMASA-2013-15 (CWE-661 CWE-89 CWE-269)
* fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79)
* fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79)
* fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200)
* fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80)
* fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79)
* fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269)
- update to 4.0.4.2 (2013-07-28)
* [security] fix unescaped parameter, see PMASA-2013-8
* [security] Fix stored XSS in Server status monitor, see PMASA-2013-9
* [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9
* [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9