Branch: refs/heads/MAINT_3_5_8 Home: https://github.com/phpmyadmin/phpmyadmin Commit: 01d35b3558e47fba947719857bd71f6fd9e5dce8 https://github.com/phpmyadmin/phpmyadmin/commit/01d35b3558e47fba947719857bd7... Author: Dieter Adriaenssens ruleant@users.sourceforge.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M libraries/display_tbl.lib.php
Log Message: ----------- fix self-XSS, thanks to Michał Bentkowski for reporting, see PMASA-2013-8
Commit: 99e97594258a10c55fb825de6a8031356d24dbe2 https://github.com/phpmyadmin/phpmyadmin/commit/99e97594258a10c55fb825de6a80... Author: Marc Delisle marc@infomarc.info Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M ChangeLog
Log Message: ----------- ChangeLog entry for PMASA-2013-8
Commit: 7f9d762e89157144fbcc01167a3141e39ac25da1 https://github.com/phpmyadmin/phpmyadmin/commit/7f9d762e89157144fbcc01167a31... Author: Marc Delisle marc@infomarc.info Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M ChangeLog M js/tbl_chart.js
Log Message: ----------- Fix self-XSS in Display chart, see PMASA-2013-9
Commit: 6f003b0ccb1293e5ff5be41bd25582485f480743 https://github.com/phpmyadmin/phpmyadmin/commit/6f003b0ccb1293e5ff5be41bd255... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M ChangeLog M server_status.php
Log Message: ----------- Fix stored XSS in Server status monitor, see PMASA-2013-9
Commit: 7c58ed002f570c3793df0a77a625d3177ee9a12e https://github.com/phpmyadmin/phpmyadmin/commit/7c58ed002f570c3793df0a77a625... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M ChangeLog M libraries/navigation_header.inc.php
Log Message: ----------- Fix stored XSS in navigation panel logo link, see PMASA-2013-9
Commit: 845dae144f4ed665a14bf4912046d5d3d220ef96 https://github.com/phpmyadmin/phpmyadmin/commit/845dae144f4ed665a14bf4912046... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M ChangeLog M libraries/config/validate.lib.php
Log Message: ----------- Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9
Commit: 9d3941059a7e6a9c12f27c837ea3886b98ac653c https://github.com/phpmyadmin/phpmyadmin/commit/9d3941059a7e6a9c12f27c837ea3... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M ChangeLog M version_check.php
Log Message: ----------- JSON content type header for version_check.php, see PMASA-2013-9
Commit: f8754f0c63b858a8338cb2e22003477b58a882d2 https://github.com/phpmyadmin/phpmyadmin/commit/f8754f0c63b858a8338cb2e22003... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: A js/jquery/jquery-1.6.2+fix-9521.js R js/jquery/jquery-1.6.2.js
Log Message: ----------- Rename jQuery file
Commit: adb2ed34dd40996b5bd269fed43c9c9904e563e5 https://github.com/phpmyadmin/phpmyadmin/commit/adb2ed34dd40996b5bd269fed43c... Author: Dave Methvin dave.methvin@gmail.com Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M js/jquery/jquery-1.6.2+fix-9521.js
Log Message: ----------- Prioritize #id over <tag> to avoid XSS via location.hash (#9521)
Signed-off-by: J.M. me@mynetx.net
Commit: 2fd460fa60022206a14bd3ac3966c324ca93c3b1 https://github.com/phpmyadmin/phpmyadmin/commit/2fd460fa60022206a14bd3ac3966... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M js/jquery/jquery-1.6.2+fix-9521.js
Log Message: ----------- Add comment about included fix in jQuery file header
Commit: 045a82e133ced81acf37b159c4a7270b0175070b https://github.com/phpmyadmin/phpmyadmin/commit/045a82e133ced81acf37b159c4a7... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M index.php M libraries/common.inc.php M navigation.php M setup/index.php
Log Message: ----------- Update jQuery references to jQuery-1.6.2+fix-9521.js
Commit: d92ab0e10ad5ecc18db40412c54e354e2627e1ca https://github.com/phpmyadmin/phpmyadmin/commit/d92ab0e10ad5ecc18db40412c54e... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M ChangeLog
Log Message: ----------- Add ChangeLog entry for jQuery 1.6.3 fix backport
Commit: 299c481a58386a846884720d90682ad4079edf3a https://github.com/phpmyadmin/phpmyadmin/commit/299c481a58386a846884720d9068... Author: J.M me@mynetx.net Date: 2013-07-08 (Mon, 08 Jul 2013)
Changed paths: M ChangeLog M index.php A js/jquery/jquery-1.6.2+fix-9521.js R js/jquery/jquery-1.6.2.js M libraries/common.inc.php M navigation.php M setup/index.php
Log Message: ----------- Merge branch 'mynetx/patch-jquery-1-6-2' [security] Backport fix for jQuery issue #9521 from jQuery 1.6.3, see PMASA-2013-9
Commit: 0440926bcdf98cda6f9096b7988bd8e01bf6711d https://github.com/phpmyadmin/phpmyadmin/commit/0440926bcdf98cda6f9096b7988b... Author: Marc Delisle marc@infomarc.info Date: 2013-07-11 (Thu, 11 Jul 2013)
Changed paths: M libraries/Error.class.php M libraries/Error_Handler.class.php M libraries/common.inc.php
Log Message: ----------- [security] Avoid full path disclosure from some libraries script, see PMASA-2013-12
Move the PHPMYADMIN constant definition earlier
Commit: 63848b24389dfabda8306112e20742b3ff7b8b12 https://github.com/phpmyadmin/phpmyadmin/commit/63848b24389dfabda8306112e207... Author: Marc Delisle marc@infomarc.info Date: 2013-07-11 (Thu, 11 Jul 2013)
Changed paths: M libraries/Config.class.php M libraries/List_Database.class.php M libraries/PDF.class.php M libraries/PMA.php M libraries/RecentTable.class.php M libraries/bookmark.lib.php
Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12
Commit: 4cc91616057d7517df306fe27b291c9639493d88 https://github.com/phpmyadmin/phpmyadmin/commit/4cc91616057d7517df306fe27b29... Author: Marc Delisle marc@infomarc.info Date: 2013-07-12 (Fri, 12 Jul 2013)
Changed paths: M libraries/common.inc.php
Log Message: ----------- [security] Avoid full path disclosure from libraries/common.inc.php, see PMASA-2013-12
Commit: 5d49c44fb862bfdfb8205ff15e8469cfb1b1c5d9 https://github.com/phpmyadmin/phpmyadmin/commit/5d49c44fb862bfdfb8205ff15e84... Author: Marc Delisle marc@infomarc.info Date: 2013-07-13 (Sat, 13 Jul 2013)
Changed paths: M libraries/auth/swekey/swekey.auth.lib.php M libraries/config.default.php M libraries/data_drizzle.inc.php M libraries/data_mysql.inc.php
Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12
Commit: 2f93578e20fd422f922183254dd50318d03a3e24 https://github.com/phpmyadmin/phpmyadmin/commit/2f93578e20fd422f922183254dd5... Author: Marc Delisle marc@infomarc.info Date: 2013-07-15 (Mon, 15 Jul 2013)
Changed paths: M libraries/common.inc.php
Log Message: ----------- Move protection statement at beginning of script
Commit: 8559162ebc8ce822fa01ac429a6aab08cfa4ceda https://github.com/phpmyadmin/phpmyadmin/commit/8559162ebc8ce822fa01ac429a6a... Author: Marc Delisle marc@infomarc.info Date: 2013-07-15 (Mon, 15 Jul 2013)
Changed paths: M libraries/dbi/drizzle-wrappers.lib.php M libraries/display_tbl.lib.php M libraries/engines/bdb.lib.php M libraries/engines/berkeleydb.lib.php M libraries/engines/binlog.lib.php M libraries/engines/innobase.lib.php M libraries/engines/innodb.lib.php M libraries/engines/memory.lib.php M libraries/engines/merge.lib.php M libraries/engines/mrg_myisam.lib.php M libraries/engines/myisam.lib.php M libraries/engines/ndbcluster.lib.php M libraries/engines/pbms.lib.php M libraries/engines/pbxt.lib.php
Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12
Commit: 1c1e3dca2b0cdfe10615f51a73b7d00718ad8d4b https://github.com/phpmyadmin/phpmyadmin/commit/1c1e3dca2b0cdfe10615f51a73b7... Author: Marc Delisle marc@infomarc.info Date: 2013-07-17 (Wed, 17 Jul 2013)
Changed paths: M libraries/pmd_common.php M libraries/schema/Pdf_Relation_Schema.class.php
Log Message: ----------- [security] Avoid full path disclosure from some libraries scripts, see PMASA-2013-12
Commit: cd587e6fbce2a85fd6c435fec4ee9449b4c5c5df https://github.com/phpmyadmin/phpmyadmin/commit/cd587e6fbce2a85fd6c435fec4ee... Author: Marc Delisle marc@infomarc.info Date: 2013-07-17 (Wed, 17 Jul 2013)
Changed paths: R libraries/.htaccess
Log Message: ----------- Delete .htaccess which does not work on all web servers
Commit: 8e488a61de87c122d7ee28f03a3b31242d43fb18 https://github.com/phpmyadmin/phpmyadmin/commit/8e488a61de87c122d7ee28f03a3b... Author: Marc Delisle marc@infomarc.info Date: 2013-07-17 (Wed, 17 Jul 2013)
Changed paths: R setup/frames/.htaccess R setup/lib/.htaccess
Log Message: ----------- Remove other .htaccess for directories which are not at risk
Commit: 3b723eba5b192804ab2476ceba7ecd3b471913c6 https://github.com/phpmyadmin/phpmyadmin/commit/3b723eba5b192804ab2476ceba7e... Author: Marc Delisle marc@infomarc.info Date: 2013-07-17 (Wed, 17 Jul 2013)
Changed paths: M ChangeLog
Log Message: ----------- ChangeLog entry for full path disclosure fixes
Commit: 4cbeef599cda87c6d2b1d7ef5542fe1ff316f706 https://github.com/phpmyadmin/phpmyadmin/commit/4cbeef599cda87c6d2b1d7ef5542... Author: Marc Delisle marc@infomarc.info Date: 2013-07-23 (Tue, 23 Jul 2013)
Changed paths: M ChangeLog M pmd_pdf.php
Log Message: ----------- Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15
Commit: 20f71e767bcd037178cb5455543071323bc7ffd9 https://github.com/phpmyadmin/phpmyadmin/commit/20f71e767bcd037178cb54555430... Author: Marc Delisle marc@infomarc.info Date: 2013-07-23 (Tue, 23 Jul 2013)
Changed paths: M ChangeLog M schema_export.php
Log Message: ----------- [security] Fix control user SQL injection in schema_export.php, see PMASA-2015
Commit: dede065d7ad59fb7c31ae384961564b7f7a7c005 https://github.com/phpmyadmin/phpmyadmin/commit/dede065d7ad59fb7c31ae3849615... Author: Marc Delisle marc@infomarc.info Date: 2013-07-23 (Tue, 23 Jul 2013)
Changed paths: M ChangeLog M libraries/schema/Export_Relation_Schema.class.php
Log Message: ----------- [security] Fix self-XSS in schema export, see PMASA-2013-14
Commit: 333d82d3271b2a1b445134bb6bbb15ae8c9ba8a6 https://github.com/phpmyadmin/phpmyadmin/commit/333d82d3271b2a1b445134bb6bbb... Author: Dieter Adriaenssens ruleant@users.sourceforge.net Date: 2013-07-27 (Sat, 27 Jul 2013)
Changed paths: M ChangeLog M version_check.php
Log Message: ----------- [security] Fix unencoded json object, see PMASA-2013-11
Commit: 633c628e5cd8dcbbf17ad79d26b17a8b31ee9b7b https://github.com/phpmyadmin/phpmyadmin/commit/633c628e5cd8dcbbf17ad79d26b1... Author: Marc Delisle marc@infomarc.info Date: 2013-07-28 (Sun, 28 Jul 2013)
Changed paths: M ChangeLog M Documentation.html M README M libraries/Config.class.php
Log Message: ----------- 3.5.8.2 release
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/ddada9fb9599...633c628e5cd8