Git

git@phpmyadmin.net

6 participants
38448 discussions

[Phpmyadmin-git] [phpmyadmin/phpmyadmin] 56e9ed: fix unescaped parameter, see PMASA-2013-8 for deta...
by Marc Delisle 28 Jul '13

28 Jul '13

Branch: refs/heads/STABLE Home: https://github.com/phpmyadmin/phpmyadmin Commit: 56e9ede5223219cef2187ced385924ef2e0ae21d https://github.com/phpmyadmin/phpmyadmin/commit/56e9ede5223219cef2187ced385… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M libraries/DisplayResults.class.php Log Message: ----------- fix unescaped parameter, see PMASA-2013-8 for details Commit: ff27a2c5e0c706f401b7ee8677cbd46568a4eca2 https://github.com/phpmyadmin/phpmyadmin/commit/ff27a2c5e0c706f401b7ee8677c… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M libraries/DisplayResults.class.php Log Message: ----------- add total as parameter to message Commit: 2005c4b7c15afa61a41e1087464fe12645f535e1 https://github.com/phpmyadmin/phpmyadmin/commit/2005c4b7c15afa61a41e1087464… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M server_status.php Log Message: ----------- [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 Commit: d096a0fc46ef4708f3f4a440a8aba40163e3b72a https://github.com/phpmyadmin/phpmyadmin/commit/d096a0fc46ef4708f3f4a440a8a… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M libraries/navigation/NavigationHeader.class.php Log Message: ----------- [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 Commit: e0d8568ac681073b09f10ad1c4d801df36290036 https://github.com/phpmyadmin/phpmyadmin/commit/e0d8568ac681073b09f10ad1c4d… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M libraries/config/validate.lib.php Log Message: ----------- [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 Commit: 0fea53b7b82134ce0e1979a71b7ce080b5b6ff9a https://github.com/phpmyadmin/phpmyadmin/commit/0fea53b7b82134ce0e1979a71b7… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from some libraries script, see PMASA-2013-12 Move the PHPMYADMIN constant definition earlier Commit: 45d3f4326cad32b09b8d3a07382faf1eeda30dba https://github.com/phpmyadmin/phpmyadmin/commit/45d3f4326cad32b09b8d3a07382… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/Config.class.php M libraries/List_Database.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php Log Message: ----------- Fix merge conflicts Commit: 8e4fe7c57a976f2ce9a6931687f4697d519111ec https://github.com/phpmyadmin/phpmyadmin/commit/8e4fe7c57a976f2ce9a6931687f… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from libraries/common.inc.php, see PMASA-2013-12 Commit: 90d968b447729405ee8b6cc5bb406b832ec3c99f https://github.com/phpmyadmin/phpmyadmin/commit/90d968b447729405ee8b6cc5bb4… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/config.default.php M libraries/plugins/auth/swekey/swekey.auth.lib.php Log Message: ----------- Fix merge conflicts Commit: 7992beb8e42f2a4a3dab275b119d1ebd58e3b164 https://github.com/phpmyadmin/phpmyadmin/commit/7992beb8e42f2a4a3dab275b119… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- Move protection statement at beginning of script Commit: 7bfe445f9919716460e006faf7aa226279944e23 https://github.com/phpmyadmin/phpmyadmin/commit/7bfe445f9919716460e006faf7a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbxt.lib.php Log Message: ----------- Fix merge conflicts Commit: 142e465c80a1fb3d71e214d29c566c15a416518d https://github.com/phpmyadmin/phpmyadmin/commit/142e465c80a1fb3d71e214d29c5… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/pmd_common.php M libraries/schema/Pdf_Relation_Schema.class.php Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12 Commit: f7065ee2a828368f4037dbaba5aeb69803094eea https://github.com/phpmyadmin/phpmyadmin/commit/f7065ee2a828368f4037dbaba5a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R libraries/.htaccess Log Message: ----------- Delete .htaccess which does not work on all web servers Commit: 14292721367bafa8778b436063e0fb893364e709 https://github.com/phpmyadmin/phpmyadmin/commit/14292721367bafa8778b436063e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R setup/frames/.htaccess R setup/lib/.htaccess Log Message: ----------- Remove other .htaccess for directories which are not at risk Commit: 257bd7349c312a05bde28732d8b8a72d0191cdad https://github.com/phpmyadmin/phpmyadmin/commit/257bd7349c312a05bde28732d8b… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- ChangeLog entry for full path disclosure fixes Commit: 974d0dedeea7c79ac4533e614d9c0c3abd97e8f9 https://github.com/phpmyadmin/phpmyadmin/commit/974d0dedeea7c79ac4533e614d9… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M pmd_pdf.php Log Message: ----------- [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 Commit: 8ef025ef3d05c164654fee7001517626cf604bb1 https://github.com/phpmyadmin/phpmyadmin/commit/8ef025ef3d05c164654fee70015… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M schema_export.php Log Message: ----------- [security] Fix control user SQL injection in schema_export.php, see PMASA-2015 Commit: 1293e9b6e9eb7a831c5738f346ea44dee6d1bf0f https://github.com/phpmyadmin/phpmyadmin/commit/1293e9b6e9eb7a831c5738f346e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M libraries/schema/Export_Relation_Schema.class.php Log Message: ----------- [security] Fix self-XSS in schema export, see PMASA-2013-14 Commit: b9c814ed6d59733c54965e01e90ffd5d3348fd2c https://github.com/phpmyadmin/phpmyadmin/commit/b9c814ed6d59733c54965e01e90… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M version_check.php Log Message: ----------- [security] Fix unencoded json object, see PMASA-2013-11 Commit: e0c8704f725c56c87b644676ded94dba695de39f https://github.com/phpmyadmin/phpmyadmin/commit/e0c8704f725c56c87b644676ded… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php Log Message: ----------- [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13 Commit: ad54449d105365dbbd39ae879306f1037fe238cd https://github.com/phpmyadmin/phpmyadmin/commit/ad54449d105365dbbd39ae87930… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.0.4.2 release Commit: 1c5fc019bb03e95c287f94d39acfb31c36db642b https://github.com/phpmyadmin/phpmyadmin/commit/1c5fc019bb03e95c287f94d39ac… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog M README M doc/conf.py R libraries/.htaccess M libraries/Config.class.php M libraries/DisplayResults.class.php M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/List_Database.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php M libraries/common.inc.php M libraries/config.default.php M libraries/config/validate.lib.php M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbxt.lib.php M libraries/navigation/NavigationHeader.class.php M libraries/plugins/auth/swekey/swekey.auth.lib.php M libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php M libraries/pmd_common.php M libraries/schema/Export_Relation_Schema.class.php M libraries/schema/Pdf_Relation_Schema.class.php M pmd_pdf.php M schema_export.php M server_status.php R setup/frames/.htaccess R setup/lib/.htaccess M version_check.php Log Message: ----------- Merge branch 'MAINT_4_0_4' into STABLE Compare: https://github.com/phpmyadmin/phpmyadmin/compare/a20e99adb55b...1c5fc019bb03

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin]
by lem9 28 Jul '13

28 Jul '13

Branch: refs/tags/RELEASE_4_0_4_2 Home: https://github.com/phpmyadmin/phpmyadmin

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin]
by lem9 28 Jul '13

28 Jul '13

Branch: refs/tags/RELEASE_3_5_8_2 Home: https://github.com/phpmyadmin/phpmyadmin

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin] ad5444: 4.0.4.2 release
by Marc Delisle 28 Jul '13

28 Jul '13

Branch: refs/heads/QA_4_0 Home: https://github.com/phpmyadmin/phpmyadmin Commit: ad54449d105365dbbd39ae879306f1037fe238cd https://github.com/phpmyadmin/phpmyadmin/commit/ad54449d105365dbbd39ae87930… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.0.4.2 release Commit: f5136aea9ec3910e09df477683644f6212baa89a https://github.com/phpmyadmin/phpmyadmin/commit/f5136aea9ec3910e09df4776836… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Log Message: ----------- Merge branch 'MAINT_4_0_4' into QA_4_0 Commit: af5ca358d2e21422f7af1b8054ac6ed5d071ab4f https://github.com/phpmyadmin/phpmyadmin/commit/af5ca358d2e21422f7af1b8054a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- Fix merge conflicts Commit: 0e9e7f28a21eb352f6d85db84c4d5a8a397ad26e https://github.com/phpmyadmin/phpmyadmin/commit/0e9e7f28a21eb352f6d85db84c4… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- Fix merge conflicts Compare: https://github.com/phpmyadmin/phpmyadmin/compare/836529be425c...0e9e7f28a21e

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin] ad5444: 4.0.4.2 release
by Marc Delisle 28 Jul '13

28 Jul '13

Branch: refs/heads/MAINT_4_0_4 Home: https://github.com/phpmyadmin/phpmyadmin Commit: ad54449d105365dbbd39ae879306f1037fe238cd https://github.com/phpmyadmin/phpmyadmin/commit/ad54449d105365dbbd39ae87930… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.0.4.2 release

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin] ad5444: 4.0.4.2 release
by Marc Delisle 28 Jul '13

28 Jul '13

Branch: refs/heads/master Home: https://github.com/phpmyadmin/phpmyadmin Commit: ad54449d105365dbbd39ae879306f1037fe238cd https://github.com/phpmyadmin/phpmyadmin/commit/ad54449d105365dbbd39ae87930… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.0.4.2 release Commit: f5136aea9ec3910e09df477683644f6212baa89a https://github.com/phpmyadmin/phpmyadmin/commit/f5136aea9ec3910e09df4776836… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Log Message: ----------- Merge branch 'MAINT_4_0_4' into QA_4_0 Commit: af5ca358d2e21422f7af1b8054ac6ed5d071ab4f https://github.com/phpmyadmin/phpmyadmin/commit/af5ca358d2e21422f7af1b8054a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- Fix merge conflicts Commit: 0e9e7f28a21eb352f6d85db84c4d5a8a397ad26e https://github.com/phpmyadmin/phpmyadmin/commit/0e9e7f28a21eb352f6d85db84c4… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- Fix merge conflicts Commit: fdb0ad1f69cc99a30bd9aca2c0e41edbe0c8ee83 https://github.com/phpmyadmin/phpmyadmin/commit/fdb0ad1f69cc99a30bd9aca2c0e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- Merge branch 'QA_4_0' Compare: https://github.com/phpmyadmin/phpmyadmin/compare/269d0c89fe0c...fdb0ad1f69cc

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin] 56e9ed: fix unescaped parameter, see PMASA-2013-8 for deta...
by Marc Delisle 28 Jul '13

28 Jul '13

Branch: refs/heads/master Home: https://github.com/phpmyadmin/phpmyadmin Commit: 56e9ede5223219cef2187ced385924ef2e0ae21d https://github.com/phpmyadmin/phpmyadmin/commit/56e9ede5223219cef2187ced385… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M libraries/DisplayResults.class.php Log Message: ----------- fix unescaped parameter, see PMASA-2013-8 for details Commit: ff27a2c5e0c706f401b7ee8677cbd46568a4eca2 https://github.com/phpmyadmin/phpmyadmin/commit/ff27a2c5e0c706f401b7ee8677c… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M libraries/DisplayResults.class.php Log Message: ----------- add total as parameter to message Commit: 2005c4b7c15afa61a41e1087464fe12645f535e1 https://github.com/phpmyadmin/phpmyadmin/commit/2005c4b7c15afa61a41e1087464… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M server_status.php Log Message: ----------- [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 Commit: d096a0fc46ef4708f3f4a440a8aba40163e3b72a https://github.com/phpmyadmin/phpmyadmin/commit/d096a0fc46ef4708f3f4a440a8a… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M libraries/navigation/NavigationHeader.class.php Log Message: ----------- [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 Commit: e0d8568ac681073b09f10ad1c4d801df36290036 https://github.com/phpmyadmin/phpmyadmin/commit/e0d8568ac681073b09f10ad1c4d… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M libraries/config/validate.lib.php Log Message: ----------- [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 Commit: 0fea53b7b82134ce0e1979a71b7ce080b5b6ff9a https://github.com/phpmyadmin/phpmyadmin/commit/0fea53b7b82134ce0e1979a71b7… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from some libraries script, see PMASA-2013-12 Move the PHPMYADMIN constant definition earlier Commit: 45d3f4326cad32b09b8d3a07382faf1eeda30dba https://github.com/phpmyadmin/phpmyadmin/commit/45d3f4326cad32b09b8d3a07382… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/Config.class.php M libraries/List_Database.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php Log Message: ----------- Fix merge conflicts Commit: 8e4fe7c57a976f2ce9a6931687f4697d519111ec https://github.com/phpmyadmin/phpmyadmin/commit/8e4fe7c57a976f2ce9a6931687f… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from libraries/common.inc.php, see PMASA-2013-12 Commit: 90d968b447729405ee8b6cc5bb406b832ec3c99f https://github.com/phpmyadmin/phpmyadmin/commit/90d968b447729405ee8b6cc5bb4… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/config.default.php M libraries/plugins/auth/swekey/swekey.auth.lib.php Log Message: ----------- Fix merge conflicts Commit: 7992beb8e42f2a4a3dab275b119d1ebd58e3b164 https://github.com/phpmyadmin/phpmyadmin/commit/7992beb8e42f2a4a3dab275b119… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- Move protection statement at beginning of script Commit: 7bfe445f9919716460e006faf7aa226279944e23 https://github.com/phpmyadmin/phpmyadmin/commit/7bfe445f9919716460e006faf7a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbxt.lib.php Log Message: ----------- Fix merge conflicts Commit: 142e465c80a1fb3d71e214d29c566c15a416518d https://github.com/phpmyadmin/phpmyadmin/commit/142e465c80a1fb3d71e214d29c5… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/pmd_common.php M libraries/schema/Pdf_Relation_Schema.class.php Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12 Commit: f7065ee2a828368f4037dbaba5aeb69803094eea https://github.com/phpmyadmin/phpmyadmin/commit/f7065ee2a828368f4037dbaba5a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R libraries/.htaccess Log Message: ----------- Delete .htaccess which does not work on all web servers Commit: 14292721367bafa8778b436063e0fb893364e709 https://github.com/phpmyadmin/phpmyadmin/commit/14292721367bafa8778b436063e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R setup/frames/.htaccess R setup/lib/.htaccess Log Message: ----------- Remove other .htaccess for directories which are not at risk Commit: 257bd7349c312a05bde28732d8b8a72d0191cdad https://github.com/phpmyadmin/phpmyadmin/commit/257bd7349c312a05bde28732d8b… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- ChangeLog entry for full path disclosure fixes Commit: 974d0dedeea7c79ac4533e614d9c0c3abd97e8f9 https://github.com/phpmyadmin/phpmyadmin/commit/974d0dedeea7c79ac4533e614d9… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M pmd_pdf.php Log Message: ----------- [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 Commit: 8ef025ef3d05c164654fee7001517626cf604bb1 https://github.com/phpmyadmin/phpmyadmin/commit/8ef025ef3d05c164654fee70015… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M schema_export.php Log Message: ----------- [security] Fix control user SQL injection in schema_export.php, see PMASA-2015 Commit: 1293e9b6e9eb7a831c5738f346ea44dee6d1bf0f https://github.com/phpmyadmin/phpmyadmin/commit/1293e9b6e9eb7a831c5738f346e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M libraries/schema/Export_Relation_Schema.class.php Log Message: ----------- [security] Fix self-XSS in schema export, see PMASA-2013-14 Commit: b9c814ed6d59733c54965e01e90ffd5d3348fd2c https://github.com/phpmyadmin/phpmyadmin/commit/b9c814ed6d59733c54965e01e90… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M version_check.php Log Message: ----------- [security] Fix unencoded json object, see PMASA-2013-11 Commit: e0c8704f725c56c87b644676ded94dba695de39f https://github.com/phpmyadmin/phpmyadmin/commit/e0c8704f725c56c87b644676ded… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php Log Message: ----------- [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13 Commit: 836529be425c5a309549ef440ee4d3bd6b30ca29 https://github.com/phpmyadmin/phpmyadmin/commit/836529be425c5a309549ef440ee… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog R libraries/.htaccess M libraries/Config.class.php M libraries/DisplayResults.class.php M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/List_Database.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php M libraries/common.inc.php M libraries/config.default.php M libraries/config/validate.lib.php M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbxt.lib.php M libraries/navigation/NavigationHeader.class.php M libraries/plugins/auth/swekey/swekey.auth.lib.php M libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php M libraries/pmd_common.php M libraries/schema/Export_Relation_Schema.class.php M libraries/schema/Pdf_Relation_Schema.class.php M pmd_pdf.php M schema_export.php M server_status.php R setup/frames/.htaccess R setup/lib/.htaccess M version_check.php Log Message: ----------- Fix merge conflicts Commit: 269d0c89fe0c652389295785ed9a9dc282c7616e https://github.com/phpmyadmin/phpmyadmin/commit/269d0c89fe0c652389295785ed9… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog R libraries/.htaccess M libraries/Config.class.php M libraries/DisplayResults.class.php M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/List_Database.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php M libraries/common.inc.php M libraries/config.default.php M libraries/config/Validator.class.php M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbxt.lib.php M libraries/navigation/NavigationHeader.class.php M libraries/plugins/auth/swekey/swekey.auth.lib.php M libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php M libraries/pmd_common.php M libraries/schema/Export_Relation_Schema.class.php M libraries/schema/Pdf_Relation_Schema.class.php M libraries/server_status.lib.php M pmd_pdf.php M schema_export.php M server_status.php R setup/frames/.htaccess R setup/lib/.htaccess Log Message: ----------- Fix merge conflicts Compare: https://github.com/phpmyadmin/phpmyadmin/compare/6df3c0adb58c...269d0c89fe0c

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin] 56e9ed: fix unescaped parameter, see PMASA-2013-8 for deta...
by Marc Delisle 28 Jul '13

28 Jul '13

Branch: refs/heads/QA_4_0 Home: https://github.com/phpmyadmin/phpmyadmin Commit: 56e9ede5223219cef2187ced385924ef2e0ae21d https://github.com/phpmyadmin/phpmyadmin/commit/56e9ede5223219cef2187ced385… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M libraries/DisplayResults.class.php Log Message: ----------- fix unescaped parameter, see PMASA-2013-8 for details Commit: ff27a2c5e0c706f401b7ee8677cbd46568a4eca2 https://github.com/phpmyadmin/phpmyadmin/commit/ff27a2c5e0c706f401b7ee8677c… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M libraries/DisplayResults.class.php Log Message: ----------- add total as parameter to message Commit: 2005c4b7c15afa61a41e1087464fe12645f535e1 https://github.com/phpmyadmin/phpmyadmin/commit/2005c4b7c15afa61a41e1087464… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M server_status.php Log Message: ----------- [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 Commit: d096a0fc46ef4708f3f4a440a8aba40163e3b72a https://github.com/phpmyadmin/phpmyadmin/commit/d096a0fc46ef4708f3f4a440a8a… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M libraries/navigation/NavigationHeader.class.php Log Message: ----------- [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 Commit: e0d8568ac681073b09f10ad1c4d801df36290036 https://github.com/phpmyadmin/phpmyadmin/commit/e0d8568ac681073b09f10ad1c4d… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M libraries/config/validate.lib.php Log Message: ----------- [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 Commit: 0fea53b7b82134ce0e1979a71b7ce080b5b6ff9a https://github.com/phpmyadmin/phpmyadmin/commit/0fea53b7b82134ce0e1979a71b7… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from some libraries script, see PMASA-2013-12 Move the PHPMYADMIN constant definition earlier Commit: 45d3f4326cad32b09b8d3a07382faf1eeda30dba https://github.com/phpmyadmin/phpmyadmin/commit/45d3f4326cad32b09b8d3a07382… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/Config.class.php M libraries/List_Database.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php Log Message: ----------- Fix merge conflicts Commit: 8e4fe7c57a976f2ce9a6931687f4697d519111ec https://github.com/phpmyadmin/phpmyadmin/commit/8e4fe7c57a976f2ce9a6931687f… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from libraries/common.inc.php, see PMASA-2013-12 Commit: 90d968b447729405ee8b6cc5bb406b832ec3c99f https://github.com/phpmyadmin/phpmyadmin/commit/90d968b447729405ee8b6cc5bb4… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/config.default.php M libraries/plugins/auth/swekey/swekey.auth.lib.php Log Message: ----------- Fix merge conflicts Commit: 7992beb8e42f2a4a3dab275b119d1ebd58e3b164 https://github.com/phpmyadmin/phpmyadmin/commit/7992beb8e42f2a4a3dab275b119… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- Move protection statement at beginning of script Commit: 7bfe445f9919716460e006faf7aa226279944e23 https://github.com/phpmyadmin/phpmyadmin/commit/7bfe445f9919716460e006faf7a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbxt.lib.php Log Message: ----------- Fix merge conflicts Commit: 142e465c80a1fb3d71e214d29c566c15a416518d https://github.com/phpmyadmin/phpmyadmin/commit/142e465c80a1fb3d71e214d29c5… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/pmd_common.php M libraries/schema/Pdf_Relation_Schema.class.php Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12 Commit: f7065ee2a828368f4037dbaba5aeb69803094eea https://github.com/phpmyadmin/phpmyadmin/commit/f7065ee2a828368f4037dbaba5a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R libraries/.htaccess Log Message: ----------- Delete .htaccess which does not work on all web servers Commit: 14292721367bafa8778b436063e0fb893364e709 https://github.com/phpmyadmin/phpmyadmin/commit/14292721367bafa8778b436063e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R setup/frames/.htaccess R setup/lib/.htaccess Log Message: ----------- Remove other .htaccess for directories which are not at risk Commit: 257bd7349c312a05bde28732d8b8a72d0191cdad https://github.com/phpmyadmin/phpmyadmin/commit/257bd7349c312a05bde28732d8b… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- ChangeLog entry for full path disclosure fixes Commit: 974d0dedeea7c79ac4533e614d9c0c3abd97e8f9 https://github.com/phpmyadmin/phpmyadmin/commit/974d0dedeea7c79ac4533e614d9… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M pmd_pdf.php Log Message: ----------- [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 Commit: 8ef025ef3d05c164654fee7001517626cf604bb1 https://github.com/phpmyadmin/phpmyadmin/commit/8ef025ef3d05c164654fee70015… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M schema_export.php Log Message: ----------- [security] Fix control user SQL injection in schema_export.php, see PMASA-2015 Commit: 1293e9b6e9eb7a831c5738f346ea44dee6d1bf0f https://github.com/phpmyadmin/phpmyadmin/commit/1293e9b6e9eb7a831c5738f346e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M libraries/schema/Export_Relation_Schema.class.php Log Message: ----------- [security] Fix self-XSS in schema export, see PMASA-2013-14 Commit: b9c814ed6d59733c54965e01e90ffd5d3348fd2c https://github.com/phpmyadmin/phpmyadmin/commit/b9c814ed6d59733c54965e01e90… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M version_check.php Log Message: ----------- [security] Fix unencoded json object, see PMASA-2013-11 Commit: e0c8704f725c56c87b644676ded94dba695de39f https://github.com/phpmyadmin/phpmyadmin/commit/e0c8704f725c56c87b644676ded… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php Log Message: ----------- [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13 Commit: 836529be425c5a309549ef440ee4d3bd6b30ca29 https://github.com/phpmyadmin/phpmyadmin/commit/836529be425c5a309549ef440ee… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog R libraries/.htaccess M libraries/Config.class.php M libraries/DisplayResults.class.php M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/List_Database.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php M libraries/common.inc.php M libraries/config.default.php M libraries/config/validate.lib.php M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbxt.lib.php M libraries/navigation/NavigationHeader.class.php M libraries/plugins/auth/swekey/swekey.auth.lib.php M libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php M libraries/pmd_common.php M libraries/schema/Export_Relation_Schema.class.php M libraries/schema/Pdf_Relation_Schema.class.php M pmd_pdf.php M schema_export.php M server_status.php R setup/frames/.htaccess R setup/lib/.htaccess M version_check.php Log Message: ----------- Fix merge conflicts Compare: https://github.com/phpmyadmin/phpmyadmin/compare/bf79ce910161...836529be425c

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin] 56e9ed: fix unescaped parameter, see PMASA-2013-8 for deta...
by Dieter Adriaenssens 28 Jul '13

28 Jul '13

Branch: refs/heads/MAINT_4_0_4 Home: https://github.com/phpmyadmin/phpmyadmin Commit: 56e9ede5223219cef2187ced385924ef2e0ae21d https://github.com/phpmyadmin/phpmyadmin/commit/56e9ede5223219cef2187ced385… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M libraries/DisplayResults.class.php Log Message: ----------- fix unescaped parameter, see PMASA-2013-8 for details Commit: ff27a2c5e0c706f401b7ee8677cbd46568a4eca2 https://github.com/phpmyadmin/phpmyadmin/commit/ff27a2c5e0c706f401b7ee8677c… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M libraries/DisplayResults.class.php Log Message: ----------- add total as parameter to message Commit: 2005c4b7c15afa61a41e1087464fe12645f535e1 https://github.com/phpmyadmin/phpmyadmin/commit/2005c4b7c15afa61a41e1087464… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M server_status.php Log Message: ----------- [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 Commit: d096a0fc46ef4708f3f4a440a8aba40163e3b72a https://github.com/phpmyadmin/phpmyadmin/commit/d096a0fc46ef4708f3f4a440a8a… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M libraries/navigation/NavigationHeader.class.php Log Message: ----------- [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 Commit: e0d8568ac681073b09f10ad1c4d801df36290036 https://github.com/phpmyadmin/phpmyadmin/commit/e0d8568ac681073b09f10ad1c4d… Author: J.M <me(a)mynetx.net> Date: 2013-07-07 (Sun, 07 Jul 2013) Changed paths: M ChangeLog M libraries/config/validate.lib.php Log Message: ----------- [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 Commit: 0fea53b7b82134ce0e1979a71b7ce080b5b6ff9a https://github.com/phpmyadmin/phpmyadmin/commit/0fea53b7b82134ce0e1979a71b7… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from some libraries script, see PMASA-2013-12 Move the PHPMYADMIN constant definition earlier Commit: 45d3f4326cad32b09b8d3a07382faf1eeda30dba https://github.com/phpmyadmin/phpmyadmin/commit/45d3f4326cad32b09b8d3a07382… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/Config.class.php M libraries/List_Database.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php Log Message: ----------- Fix merge conflicts Commit: 8e4fe7c57a976f2ce9a6931687f4697d519111ec https://github.com/phpmyadmin/phpmyadmin/commit/8e4fe7c57a976f2ce9a6931687f… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from libraries/common.inc.php, see PMASA-2013-12 Commit: 90d968b447729405ee8b6cc5bb406b832ec3c99f https://github.com/phpmyadmin/phpmyadmin/commit/90d968b447729405ee8b6cc5bb4… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/config.default.php M libraries/plugins/auth/swekey/swekey.auth.lib.php Log Message: ----------- Fix merge conflicts Commit: 7992beb8e42f2a4a3dab275b119d1ebd58e3b164 https://github.com/phpmyadmin/phpmyadmin/commit/7992beb8e42f2a4a3dab275b119… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- Move protection statement at beginning of script Commit: 7bfe445f9919716460e006faf7aa226279944e23 https://github.com/phpmyadmin/phpmyadmin/commit/7bfe445f9919716460e006faf7a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbxt.lib.php Log Message: ----------- Fix merge conflicts Commit: 142e465c80a1fb3d71e214d29c566c15a416518d https://github.com/phpmyadmin/phpmyadmin/commit/142e465c80a1fb3d71e214d29c5… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/pmd_common.php M libraries/schema/Pdf_Relation_Schema.class.php Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12 Commit: f7065ee2a828368f4037dbaba5aeb69803094eea https://github.com/phpmyadmin/phpmyadmin/commit/f7065ee2a828368f4037dbaba5a… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R libraries/.htaccess Log Message: ----------- Delete .htaccess which does not work on all web servers Commit: 14292721367bafa8778b436063e0fb893364e709 https://github.com/phpmyadmin/phpmyadmin/commit/14292721367bafa8778b436063e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R setup/frames/.htaccess R setup/lib/.htaccess Log Message: ----------- Remove other .htaccess for directories which are not at risk Commit: 257bd7349c312a05bde28732d8b8a72d0191cdad https://github.com/phpmyadmin/phpmyadmin/commit/257bd7349c312a05bde28732d8b… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- ChangeLog entry for full path disclosure fixes Commit: 974d0dedeea7c79ac4533e614d9c0c3abd97e8f9 https://github.com/phpmyadmin/phpmyadmin/commit/974d0dedeea7c79ac4533e614d9… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M pmd_pdf.php Log Message: ----------- [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 Commit: 8ef025ef3d05c164654fee7001517626cf604bb1 https://github.com/phpmyadmin/phpmyadmin/commit/8ef025ef3d05c164654fee70015… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M schema_export.php Log Message: ----------- [security] Fix control user SQL injection in schema_export.php, see PMASA-2015 Commit: 1293e9b6e9eb7a831c5738f346ea44dee6d1bf0f https://github.com/phpmyadmin/phpmyadmin/commit/1293e9b6e9eb7a831c5738f346e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M libraries/schema/Export_Relation_Schema.class.php Log Message: ----------- [security] Fix self-XSS in schema export, see PMASA-2013-14 Commit: b9c814ed6d59733c54965e01e90ffd5d3348fd2c https://github.com/phpmyadmin/phpmyadmin/commit/b9c814ed6d59733c54965e01e90… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M version_check.php Log Message: ----------- [security] Fix unencoded json object, see PMASA-2013-11 Commit: e0c8704f725c56c87b644676ded94dba695de39f https://github.com/phpmyadmin/phpmyadmin/commit/e0c8704f725c56c87b644676ded… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M libraries/plugins/transformations/abstract/TextLinkTransformationsPlugin.class.php Log Message: ----------- [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13 Compare: https://github.com/phpmyadmin/phpmyadmin/compare/e0c1ed02a11b...e0c8704f725c

1 0

[Phpmyadmin-git] [phpmyadmin/phpmyadmin] 01d35b: fix self-XSS, thanks to Michał Bentkowski for repo...
by Marc Delisle 28 Jul '13

28 Jul '13

Branch: refs/heads/MAINT_3_5_8 Home: https://github.com/phpmyadmin/phpmyadmin Commit: 01d35b3558e47fba947719857bd71f6fd9e5dce8 https://github.com/phpmyadmin/phpmyadmin/commit/01d35b3558e47fba947719857bd… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M libraries/display_tbl.lib.php Log Message: ----------- fix self-XSS, thanks to Michał Bentkowski for reporting, see PMASA-2013-8 Commit: 99e97594258a10c55fb825de6a8031356d24dbe2 https://github.com/phpmyadmin/phpmyadmin/commit/99e97594258a10c55fb825de6a8… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- ChangeLog entry for PMASA-2013-8 Commit: 7f9d762e89157144fbcc01167a3141e39ac25da1 https://github.com/phpmyadmin/phpmyadmin/commit/7f9d762e89157144fbcc01167a3… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M ChangeLog M js/tbl_chart.js Log Message: ----------- Fix self-XSS in Display chart, see PMASA-2013-9 Commit: 6f003b0ccb1293e5ff5be41bd25582485f480743 https://github.com/phpmyadmin/phpmyadmin/commit/6f003b0ccb1293e5ff5be41bd25… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M ChangeLog M server_status.php Log Message: ----------- Fix stored XSS in Server status monitor, see PMASA-2013-9 Commit: 7c58ed002f570c3793df0a77a625d3177ee9a12e https://github.com/phpmyadmin/phpmyadmin/commit/7c58ed002f570c3793df0a77a62… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M ChangeLog M libraries/navigation_header.inc.php Log Message: ----------- Fix stored XSS in navigation panel logo link, see PMASA-2013-9 Commit: 845dae144f4ed665a14bf4912046d5d3d220ef96 https://github.com/phpmyadmin/phpmyadmin/commit/845dae144f4ed665a14bf491204… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M ChangeLog M libraries/config/validate.lib.php Log Message: ----------- Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 Commit: 9d3941059a7e6a9c12f27c837ea3886b98ac653c https://github.com/phpmyadmin/phpmyadmin/commit/9d3941059a7e6a9c12f27c837ea… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M ChangeLog M version_check.php Log Message: ----------- JSON content type header for version_check.php, see PMASA-2013-9 Commit: f8754f0c63b858a8338cb2e22003477b58a882d2 https://github.com/phpmyadmin/phpmyadmin/commit/f8754f0c63b858a8338cb2e2200… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: A js/jquery/jquery-1.6.2+fix-9521.js R js/jquery/jquery-1.6.2.js Log Message: ----------- Rename jQuery file Commit: adb2ed34dd40996b5bd269fed43c9c9904e563e5 https://github.com/phpmyadmin/phpmyadmin/commit/adb2ed34dd40996b5bd269fed43… Author: Dave Methvin <dave.methvin(a)gmail.com> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M js/jquery/jquery-1.6.2+fix-9521.js Log Message: ----------- Prioritize #id over <tag> to avoid XSS via location.hash (#9521) Signed-off-by: J.M. <me(a)mynetx.net> Commit: 2fd460fa60022206a14bd3ac3966c324ca93c3b1 https://github.com/phpmyadmin/phpmyadmin/commit/2fd460fa60022206a14bd3ac396… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M js/jquery/jquery-1.6.2+fix-9521.js Log Message: ----------- Add comment about included fix in jQuery file header Commit: 045a82e133ced81acf37b159c4a7270b0175070b https://github.com/phpmyadmin/phpmyadmin/commit/045a82e133ced81acf37b159c4a… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M index.php M libraries/common.inc.php M navigation.php M setup/index.php Log Message: ----------- Update jQuery references to jQuery-1.6.2+fix-9521.js Commit: d92ab0e10ad5ecc18db40412c54e354e2627e1ca https://github.com/phpmyadmin/phpmyadmin/commit/d92ab0e10ad5ecc18db40412c54… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- Add ChangeLog entry for jQuery 1.6.3 fix backport Commit: 299c481a58386a846884720d90682ad4079edf3a https://github.com/phpmyadmin/phpmyadmin/commit/299c481a58386a846884720d906… Author: J.M <me(a)mynetx.net> Date: 2013-07-08 (Mon, 08 Jul 2013) Changed paths: M ChangeLog M index.php A js/jquery/jquery-1.6.2+fix-9521.js R js/jquery/jquery-1.6.2.js M libraries/common.inc.php M navigation.php M setup/index.php Log Message: ----------- Merge branch 'mynetx/patch-jquery-1-6-2' [security] Backport fix for jQuery issue #9521 from jQuery 1.6.3, see PMASA-2013-9 Commit: 0440926bcdf98cda6f9096b7988bd8e01bf6711d https://github.com/phpmyadmin/phpmyadmin/commit/0440926bcdf98cda6f9096b7988… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-11 (Thu, 11 Jul 2013) Changed paths: M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from some libraries script, see PMASA-2013-12 Move the PHPMYADMIN constant definition earlier Commit: 63848b24389dfabda8306112e20742b3ff7b8b12 https://github.com/phpmyadmin/phpmyadmin/commit/63848b24389dfabda8306112e20… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-11 (Thu, 11 Jul 2013) Changed paths: M libraries/Config.class.php M libraries/List_Database.class.php M libraries/PDF.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12 Commit: 4cc91616057d7517df306fe27b291c9639493d88 https://github.com/phpmyadmin/phpmyadmin/commit/4cc91616057d7517df306fe27b2… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-12 (Fri, 12 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- [security] Avoid full path disclosure from libraries/common.inc.php, see PMASA-2013-12 Commit: 5d49c44fb862bfdfb8205ff15e8469cfb1b1c5d9 https://github.com/phpmyadmin/phpmyadmin/commit/5d49c44fb862bfdfb8205ff15e8… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-13 (Sat, 13 Jul 2013) Changed paths: M libraries/auth/swekey/swekey.auth.lib.php M libraries/config.default.php M libraries/data_drizzle.inc.php M libraries/data_mysql.inc.php Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12 Commit: 2f93578e20fd422f922183254dd50318d03a3e24 https://github.com/phpmyadmin/phpmyadmin/commit/2f93578e20fd422f922183254dd… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-15 (Mon, 15 Jul 2013) Changed paths: M libraries/common.inc.php Log Message: ----------- Move protection statement at beginning of script Commit: 8559162ebc8ce822fa01ac429a6aab08cfa4ceda https://github.com/phpmyadmin/phpmyadmin/commit/8559162ebc8ce822fa01ac429a6… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-15 (Mon, 15 Jul 2013) Changed paths: M libraries/dbi/drizzle-wrappers.lib.php M libraries/display_tbl.lib.php M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbms.lib.php M libraries/engines/pbxt.lib.php Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12 Commit: 1c1e3dca2b0cdfe10615f51a73b7d00718ad8d4b https://github.com/phpmyadmin/phpmyadmin/commit/1c1e3dca2b0cdfe10615f51a73b… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M libraries/pmd_common.php M libraries/schema/Pdf_Relation_Schema.class.php Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12 Commit: cd587e6fbce2a85fd6c435fec4ee9449b4c5c5df https://github.com/phpmyadmin/phpmyadmin/commit/cd587e6fbce2a85fd6c435fec4e… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R libraries/.htaccess Log Message: ----------- Delete .htaccess which does not work on all web servers Commit: 8e488a61de87c122d7ee28f03a3b31242d43fb18 https://github.com/phpmyadmin/phpmyadmin/commit/8e488a61de87c122d7ee28f03a3… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: R setup/frames/.htaccess R setup/lib/.htaccess Log Message: ----------- Remove other .htaccess for directories which are not at risk Commit: 3b723eba5b192804ab2476ceba7ecd3b471913c6 https://github.com/phpmyadmin/phpmyadmin/commit/3b723eba5b192804ab2476ceba7… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-17 (Wed, 17 Jul 2013) Changed paths: M ChangeLog Log Message: ----------- ChangeLog entry for full path disclosure fixes Commit: 4cbeef599cda87c6d2b1d7ef5542fe1ff316f706 https://github.com/phpmyadmin/phpmyadmin/commit/4cbeef599cda87c6d2b1d7ef554… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M pmd_pdf.php Log Message: ----------- Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 Commit: 20f71e767bcd037178cb5455543071323bc7ffd9 https://github.com/phpmyadmin/phpmyadmin/commit/20f71e767bcd037178cb5455543… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M schema_export.php Log Message: ----------- [security] Fix control user SQL injection in schema_export.php, see PMASA-2015 Commit: dede065d7ad59fb7c31ae384961564b7f7a7c005 https://github.com/phpmyadmin/phpmyadmin/commit/dede065d7ad59fb7c31ae384961… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-23 (Tue, 23 Jul 2013) Changed paths: M ChangeLog M libraries/schema/Export_Relation_Schema.class.php Log Message: ----------- [security] Fix self-XSS in schema export, see PMASA-2013-14 Commit: 333d82d3271b2a1b445134bb6bbb15ae8c9ba8a6 https://github.com/phpmyadmin/phpmyadmin/commit/333d82d3271b2a1b445134bb6bb… Author: Dieter Adriaenssens <ruleant(a)users.sourceforge.net> Date: 2013-07-27 (Sat, 27 Jul 2013) Changed paths: M ChangeLog M version_check.php Log Message: ----------- [security] Fix unencoded json object, see PMASA-2013-11 Commit: 633c628e5cd8dcbbf17ad79d26b17a8b31ee9b7b https://github.com/phpmyadmin/phpmyadmin/commit/633c628e5cd8dcbbf17ad79d26b… Author: Marc Delisle <marc(a)infomarc.info> Date: 2013-07-28 (Sun, 28 Jul 2013) Changed paths: M ChangeLog M Documentation.html M README M libraries/Config.class.php Log Message: ----------- 3.5.8.2 release Compare: https://github.com/phpmyadmin/phpmyadmin/compare/ddada9fb9599...633c628e5cd8

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Git