Branch: refs/heads/MAINT_4_4_15 Home: https://github.com/phpmyadmin/phpmyadmin Commit: 06538a39d0a2b756d1e879647f7dfde0a1b4fc2b https://github.com/phpmyadmin/phpmyadmin/commit/06538a39d0a2b756d1e879647f7d... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-01-28 (Thu, 28 Jan 2016)
Changed paths: M ChangeLog
Log Message: ----------- ChangeLog entries for security issues
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 6c69aa899c6d77f34ecb68ae3d307b81add85261 https://github.com/phpmyadmin/phpmyadmin/commit/6c69aa899c6d77f34ecb68ae3d30... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php M libraries/plugins/auth/AuthenticationCookie.class.php M libraries/session.inc.php
Log Message: ----------- Merge branch 'MAINT_4_4_15' into MAINT_4_4_15-security
Commit: 5168199f76c99f8c99b30e5142fa2c1a99ee5c35 https://github.com/phpmyadmin/phpmyadmin/commit/5168199f76c99f8c99b30e5142fa... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M js/functions.js
Log Message: ----------- Escape SQL query for inline editing
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 90df124797175688a63be0d0a311210e92f09895 https://github.com/phpmyadmin/phpmyadmin/commit/90df124797175688a63be0d0a311... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M libraries/structure.lib.php
Log Message: ----------- Fix XSS in database structure page
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 492fee722e3a0e5107246195a8d4665b87307800 https://github.com/phpmyadmin/phpmyadmin/commit/492fee722e3a0e5107246195a8d4... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M normalization.php
Log Message: ----------- Fix XSS in normalization
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: dd853f89c6daa64db0c934cc166c90396a35338d https://github.com/phpmyadmin/phpmyadmin/commit/dd853f89c6daa64db0c934cc166c... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M libraries/tcpdf/include/tcpdf_static.php
Log Message: ----------- Avoid skipping the SSL certificate check in TCPDF
This code is never used in phpMyAdmin, but we fix it just to avoid potential security reports.
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 79c515921fe45ae14bd156b4f19686bf4f72e80b https://github.com/phpmyadmin/phpmyadmin/commit/79c515921fe45ae14bd156b4f196... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M libraries/structure.lib.php
Log Message: ----------- Merge pull request #18 from phpmyadmin/sec_1_3
Fix XSS in database structure page
Commit: 8025745ff017274970435000a9011dfab1e04e98 https://github.com/phpmyadmin/phpmyadmin/commit/8025745ff017274970435000a901... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M js/functions.js M js/normalization.js
Log Message: ----------- Fix XSS in normalization.js
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 25e6bf3362a793abb59ecd668e9121a4c471e101 https://github.com/phpmyadmin/phpmyadmin/commit/25e6bf3362a793abb59ecd668e91... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M js/normalization.js
Log Message: ----------- Escape selectors
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 9ec0b598bd0c5a5b63e483801057ab8a22e82527 https://github.com/phpmyadmin/phpmyadmin/commit/9ec0b598bd0c5a5b63e483801057... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M libraries/Config.class.php
Log Message: ----------- Urlencode hostname
This can come from the HTTP header, so we need to be sure to sanitize it.
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 99b8258fbdc5c2a6439c1b070a3693f0501b2f61 https://github.com/phpmyadmin/phpmyadmin/commit/99b8258fbdc5c2a6439c1b070a36... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M normalization.php
Log Message: ----------- Merge pull request #21 from phpmyadmin/sec_1_4
Fix XSS in normalization
Commit: 081551c5890c8675c15e8507eac786a78b5cb790 https://github.com/phpmyadmin/phpmyadmin/commit/081551c5890c8675c15e8507eac7... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M file_echo.php
Log Message: ----------- Use correct headers for json data
It was previously not marked as such what could potentially lead to browsers doing some autodetection.
Signed-off-by: Michal Čihař michal@cihar.com
Commit: ad21889ba8424857de7ed9e6c7ef012f2f9c7ea6 https://github.com/phpmyadmin/phpmyadmin/commit/ad21889ba8424857de7ed9e6c7ef... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M js/functions.js M js/normalization.js
Log Message: ----------- Merge pull request #24 from phpmyadmin/sec_1_5
Fix XSS in normalization.js
Commit: 65c4a999ede9ae25e27f0e850b5d99a9685ac930 https://github.com/phpmyadmin/phpmyadmin/commit/65c4a999ede9ae25e27f0e850b5d... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M ChangeLog
Log Message: ----------- Add changes for security issues
Signed-off-by: Michal Čihař michal@cihar.com
Commit: f4d9d4c868cf0bba999a1bee8b05bbeb9f22e5f2 https://github.com/phpmyadmin/phpmyadmin/commit/f4d9d4c868cf0bba999a1bee8b05... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-27 (Sat, 27 Feb 2016)
Changed paths: M js/normalization.js
Log Message: ----------- Fix XSS in normalization.js
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: c539ef288eb5ca2f7810ccf7f2d471673dc63bcf https://github.com/phpmyadmin/phpmyadmin/commit/c539ef288eb5ca2f7810ccf7f2d4... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths: M db_central_columns.php
Log Message: ----------- Fix XSS in Central columns page
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: d0cdcf54a6a10a63cf882152a0a7430a967fa31e https://github.com/phpmyadmin/phpmyadmin/commit/d0cdcf54a6a10a63cf882152a0a7... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths: M libraries/server_privileges.lib.php
Log Message: ----------- Fix XSS in User accounts page
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: 07591a2b1b96ab0ee3fa6377972ed2d557af22ed https://github.com/phpmyadmin/phpmyadmin/commit/07591a2b1b96ab0ee3fa6377972e... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths: M tbl_zoom_select.php
Log Message: ----------- Fix XSS in zoom search
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: b7c2e99987c2c52c6e8010b55b75f3c1c039216a https://github.com/phpmyadmin/phpmyadmin/commit/b7c2e99987c2c52c6e8010b55b75... Author: Isaac Bennetch bennetch@gmail.com Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php
Log Message: ----------- 4.4.15.5 release
Signed-off-by: Isaac Bennetch bennetch@gmail.com
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/32f512698518...b7c2e99987c2