Branch: refs/heads/QA_4_1 Home: https://github.com/phpmyadmin/phpmyadmin Commit: 4bb85f59a4c9560afb9cb1001e83e6a291ce3765 https://github.com/phpmyadmin/phpmyadmin/commit/4bb85f59a4c9560afb9cb1001e83... Author: Marc Delisle <marc@infomarc.info> Date: 2014-04-26 (Sat, 26 Apr 2014) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: daa98d0c7ed24b529dc5df0d5905873acd0b00be https://github.com/phpmyadmin/phpmyadmin/commit/daa98d0c7ed24b529dc5df0d5905... Author: Ann + J.M <phpMyAdmin@ZweiSteinSoft.de> Date: 2014-06-21 (Sat, 21 Jun 2014) Changed paths: M libraries/navigation/Navigation.class.php M libraries/navigation/Nodes/Node_DatabaseChild.class.php Log Message: ----------- Fix XSS in Hide navigation items feature Signed-off-by: Ann + J.M <phpMyAdmin@ZweiSteinSoft.de> Commit: d143c549f92f4d5eeec50ba0d21b301e466c0d95 https://github.com/phpmyadmin/phpmyadmin/commit/d143c549f92f4d5eeec50ba0d21b... Author: Marc Delisle <marc@infomarc.info> Date: 2014-06-21 (Sat, 21 Jun 2014) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14.1 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 45550b8cff06ad128129020762f9b53d125a6934 https://github.com/phpmyadmin/phpmyadmin/commit/45550b8cff06ad128129020762f9... Author: Marc Delisle <marc@infomarc.info> Date: 2014-07-15 (Tue, 15 Jul 2014) Changed paths: M ChangeLog M server_user_groups.php Log Message: ----------- bug #4491 [security] Missing validation for accessing User groups feature Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 511c596b175889b8e6b9c423e352ca64fa20af2b https://github.com/phpmyadmin/phpmyadmin/commit/511c596b175889b8e6b9c423e352... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-07-17 (Thu, 17 Jul 2014) Changed paths: M ChangeLog M libraries/rte/rte_list.lib.php Log Message: ----------- bug #4488 [security] XSS injection due to unescaped table name (triggers) Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: cd5697027a2ee7e1f7d7000b23be6051cdb0516c https://github.com/phpmyadmin/phpmyadmin/commit/cd5697027a2ee7e1f7d7000b23be... Author: Marc Delisle <marc@infomarc.info> Date: 2014-07-17 (Thu, 17 Jul 2014) Changed paths: M ChangeLog M js/functions.js M js/tbl_structure.js Log Message: ----------- bug #4492 [security] XSS in AJAX confirmation messages Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 2a211a595f6eb54db3d842ee23b6ff22ac608a14 https://github.com/phpmyadmin/phpmyadmin/commit/2a211a595f6eb54db3d842ee23b6... Author: Marc Delisle <marc@infomarc.info> Date: 2014-07-17 (Thu, 17 Jul 2014) Changed paths: M ChangeLog M server_user_groups.php Log Message: ----------- Fix merge conflict Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 0f781c803cf70b386736f079b883695fec08cfcb https://github.com/phpmyadmin/phpmyadmin/commit/0f781c803cf70b386736f079b883... Author: Marc Delisle <marc@infomarc.info> Date: 2014-07-17 (Thu, 17 Jul 2014) Changed paths: M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14.2 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 65eef3d65411b985250487e14f1121754a91c6d5 https://github.com/phpmyadmin/phpmyadmin/commit/65eef3d65411b985250487e14f11... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-08-06 (Wed, 06 Aug 2014) Changed paths: M ChangeLog M js/functions.js Log Message: ----------- bug #4505 [security] XSS in view operations page Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 2d394521197f81dce0d9529b2d86ed24760b5b2a https://github.com/phpmyadmin/phpmyadmin/commit/2d394521197f81dce0d9529b2d86... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-08-17 (Sun, 17 Aug 2014) Changed paths: M ChangeLog M js/sql.js Log Message: ----------- bug #4501 [security] XSS in table browse page Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 1956420ddab0595016ba2b3af89f7f82d39f5afa https://github.com/phpmyadmin/phpmyadmin/commit/1956420ddab0595016ba2b3af89f... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-08-17 (Sun, 17 Aug 2014) Changed paths: M ChangeLog M js/functions.js Log Message: ----------- bug #4502 [security] Self-XSS in enum value editor Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 69f746b7dc09f7b1a18b09de0b5cd71f0bcd0a3d https://github.com/phpmyadmin/phpmyadmin/commit/69f746b7dc09f7b1a18b09de0b5c... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-08-17 (Sun, 17 Aug 2014) Changed paths: M ChangeLog M js/server_status_monitor.js Log Message: ----------- bug #4503 [security] Self-XSSes in monitor Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: bbd20b54864a389c7a0cd2c4d4715f00b81a03e9 https://github.com/phpmyadmin/phpmyadmin/commit/bbd20b54864a389c7a0cd2c4d471... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-08-17 (Sun, 17 Aug 2014) Changed paths: M ChangeLog M js/tbl_chart.js Log Message: ----------- bug #4504 [security] Self-XSS in query charts Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 5519905a2519d9a102b172432448c7e91d5601a6 https://github.com/phpmyadmin/phpmyadmin/commit/5519905a2519d9a102b172432448... Author: Marc Delisle <marc@infomarc.info> Date: 2014-08-17 (Sun, 17 Aug 2014) Changed paths: M ChangeLog M libraries/tbl_relation.lib.php Log Message: ----------- bug #4517 [security] XSS in relation view Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 54d738568bac627afdb3b7dad22787fcc17956e9 https://github.com/phpmyadmin/phpmyadmin/commit/54d738568bac627afdb3b7dad227... Author: Marc Delisle <marc@infomarc.info> Date: 2014-08-17 (Sun, 17 Aug 2014) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14.3 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 621772aa0d19d5f3ac21af2611c1dbda9b356506 https://github.com/phpmyadmin/phpmyadmin/commit/621772aa0d19d5f3ac21af2611c1... Author: Marc Delisle <marc@infomarc.info> Date: 2014-09-13 (Sat, 13 Sep 2014) Changed paths: M ChangeLog M js/ajax.js A js/whitelist.php M libraries/Header.class.php M libraries/Scripts.class.php Log Message: ----------- bug #4530 [security] DOM based XSS that results to a CSRF that creates a ROOT account in certain conditions Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 247ebb60778991ba35ca9d9803833e177e2c1c81 https://github.com/phpmyadmin/phpmyadmin/commit/247ebb60778991ba35ca9d980383... Author: Marc Delisle <marc@infomarc.info> Date: 2014-09-13 (Sat, 13 Sep 2014) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14.4 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 71ccbbc423bcfd14ba40174b3adcd9a0fafaa511 https://github.com/phpmyadmin/phpmyadmin/commit/71ccbbc423bcfd14ba40174b3adc... Author: Marc Delisle <marc@infomarc.info> Date: 2014-10-01 (Wed, 01 Oct 2014) Changed paths: M libraries/TableSearch.class.php M libraries/Util.class.php Log Message: ----------- [security] XSS with malicious ENUM values Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: ed89810fb0a2a57d663ff2dc51a36c75ddff99fb https://github.com/phpmyadmin/phpmyadmin/commit/ed89810fb0a2a57d663ff2dc51a3... Author: Marc Delisle <marc@infomarc.info> Date: 2014-10-01 (Wed, 01 Oct 2014) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14.5 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: f989e2a94cb75158d33330e0e29f9b54ce3d7c07 https://github.com/phpmyadmin/phpmyadmin/commit/f989e2a94cb75158d33330e0e29f... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-10-21 (Tue, 21 Oct 2014) Changed paths: M ChangeLog M libraries/DatabaseInterface.class.php Log Message: ----------- bug #4562 [security] XSS in debug SQL output Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 0092f608d37d0ce7acea30ec9e7e995ef1a6e06c https://github.com/phpmyadmin/phpmyadmin/commit/0092f608d37d0ce7acea30ec9e7e... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-10-21 (Tue, 21 Oct 2014) Changed paths: M ChangeLog M js/server_status_monitor.js Log Message: ----------- bug #4563 [security] XSS in monitor query analyzer Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 2bb64187aef6a2fd68fbffad60ff7bb226137c53 https://github.com/phpmyadmin/phpmyadmin/commit/2bb64187aef6a2fd68fbffad60ff... Author: Marc Delisle <marc@infomarc.info> Date: 2014-10-21 (Tue, 21 Oct 2014) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14.6 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: c641ad40c37bc562226c8a25cce77a273a07756b https://github.com/phpmyadmin/phpmyadmin/commit/c641ad40c37bc562226c8a25cce7... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-11-17 (Mon, 17 Nov 2014) Changed paths: M ChangeLog M libraries/error_report.lib.php Log Message: ----------- bug #4596 [security] XSS through exception stack Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: da44dd4fd7432b915203e3e723a4534a01c12cd9 https://github.com/phpmyadmin/phpmyadmin/commit/da44dd4fd7432b915203e3e723a4... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-11-17 (Mon, 17 Nov 2014) Changed paths: M ChangeLog M libraries/error_report.lib.php Log Message: ----------- bug #4595 [security] Path traversal can lead to leakage of line count Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 47a6ece0427a23c47f2b1a88dfb0f46ca344aaec https://github.com/phpmyadmin/phpmyadmin/commit/47a6ece0427a23c47f2b1a88dfb0... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-11-20 (Thu, 20 Nov 2014) Changed paths: M ChangeLog M libraries/tbl_printview.lib.php Log Message: ----------- bug #4578 [security] XSS vulnerability in table print view Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 816fa880060f37932be291d2918fd5c6ac474ab5 https://github.com/phpmyadmin/phpmyadmin/commit/816fa880060f37932be291d2918f... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-11-20 (Thu, 20 Nov 2014) Changed paths: M ChangeLog M tbl_zoom_select.php Log Message: ----------- bug #4579 [security] XSS vulnerability in zoom search page Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 59557b51362edc5eee024f3f2912a9d598e42763 https://github.com/phpmyadmin/phpmyadmin/commit/59557b51362edc5eee024f3f2912... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-11-20 (Thu, 20 Nov 2014) Changed paths: M ChangeLog M libraries/gis/pma_gis_factory.php Log Message: ----------- bug #4594 [security] Path traversal in file inclusion of GIS factory Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 60c619fa1679a7c4fe09657da293e84dde02eede https://github.com/phpmyadmin/phpmyadmin/commit/60c619fa1679a7c4fe09657da293... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-11-20 (Thu, 20 Nov 2014) Changed paths: M ChangeLog M libraries/mult_submits.lib.php Log Message: ----------- bug #4598 [security] XSS in multi submit Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: cea7c5fba8224b8380f2a83a689eb6caa6c79662 https://github.com/phpmyadmin/phpmyadmin/commit/cea7c5fba8224b8380f2a83a689e... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-11-20 (Thu, 20 Nov 2014) Changed paths: M ChangeLog M libraries/Config.class.php M libraries/Theme.class.php Log Message: ----------- bug #4597 [security] XSS through pma_fontsize cookie Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 23ef01973a3bdbdbf8920d922fa89673a3ad9da1 https://github.com/phpmyadmin/phpmyadmin/commit/23ef01973a3bdbdbf8920d922fa8... Author: Marc Delisle <marc@infomarc.info> Date: 2014-11-20 (Thu, 20 Nov 2014) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14.7 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 62b2c918d26cc78d1763945e3d44d1a63294a819 https://github.com/phpmyadmin/phpmyadmin/commit/62b2c918d26cc78d1763945e3d44... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2014-12-02 (Tue, 02 Dec 2014) Changed paths: M ChangeLog M libraries/common.inc.php M libraries/plugins/AuthenticationPlugin.class.php M libraries/plugins/auth/AuthenticationCookie.class.php Log Message: ----------- bug #4611 [security] DOS attack with long passwords Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: 8707861365d6d6e6921bee85eb0ab91ddac5c698 https://github.com/phpmyadmin/phpmyadmin/commit/8707861365d6d6e6921bee85eb0a... Author: Marc Delisle <marc@infomarc.info> Date: 2014-12-03 (Wed, 03 Dec 2014) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.1.14.8 release Signed-off-by: Marc Delisle <marc@infomarc.info> Commit: 345aa10021154a9afc6ae2ef1d97b1ff378b2ef6 https://github.com/phpmyadmin/phpmyadmin/commit/345aa10021154a9afc6ae2ef1d97... Author: Michal Čihař <michal@cihar.com> Date: 2014-12-04 (Thu, 04 Dec 2014) Changed paths: M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php Log Message: ----------- Adjust testcase to new split methods Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 3ed40655035c338f8fc46f45473f436dfe3e3e5d https://github.com/phpmyadmin/phpmyadmin/commit/3ed40655035c338f8fc46f45473f... Author: Michal Čihař <michal@cihar.com> Date: 2014-12-04 (Thu, 04 Dec 2014) Changed paths: M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php Log Message: ----------- Add missing call to test Signed-off-by: Michal Čihař <michal@cihar.com> Commit: beeba6a787ca2c97baf7ae47aac6069b5ddd5572 https://github.com/phpmyadmin/phpmyadmin/commit/beeba6a787ca2c97baf7ae47aac6... Author: Michal Čihař <michal@cihar.com> Date: 2014-12-04 (Thu, 04 Dec 2014) Changed paths: M ChangeLog M js/ajax.js M js/functions.js M js/server_status_monitor.js M js/sql.js M js/tbl_chart.js M js/tbl_structure.js A js/whitelist.php M libraries/Config.class.php M libraries/DatabaseInterface.class.php M libraries/Header.class.php M libraries/Scripts.class.php M libraries/TableSearch.class.php M libraries/Theme.class.php M libraries/Util.class.php M libraries/common.inc.php M libraries/error_report.lib.php M libraries/gis/pma_gis_factory.php M libraries/mult_submits.lib.php M libraries/navigation/Navigation.class.php M libraries/navigation/Nodes/Node_DatabaseChild.class.php M libraries/plugins/AuthenticationPlugin.class.php M libraries/plugins/auth/AuthenticationCookie.class.php M libraries/rte/rte_list.lib.php M libraries/tbl_printview.lib.php M libraries/tbl_relation.lib.php M server_user_groups.php M tbl_zoom_select.php M test/classes/plugin/auth/PMA_AuthenticationCookie_test.php Log Message: ----------- Merge branch 'MAINT_4_1_14' into QA_4_1 Conflicts: ChangeLog README doc/conf.py libraries/Config.class.php Compare: https://github.com/phpmyadmin/phpmyadmin/compare/ba60e5a72313...beeba6a787ca