The branch, master has been updated via 12fcc270f2d0cc7df3a94a131e2f234b0ee8414c (commit) via 041cd7e7d2dfa95dd055da6fd2eb5308902fda95 (commit) via 58d86350c439c2ea06d58ba37f723e6e8a8f1abf (commit) via e214683f9fe4955dcbf0ffce045983728c7fa9d3 (commit) via b434320eff8ca9c2fc1b043c1804f868341af9a7 (commit) via 69fb0f8e7dc38075427aceaf09bcac697d0590ff (commit) via 0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f (commit) via 7ebd958b2bf59f96fecd5b3322bdbd0b244a7967 (commit) from a45a11f4e84c19dfa9e4ce0c2e25fc0e9dd8c01f (commit)
- Log ----------------------------------------------------------------- commit 12fcc270f2d0cc7df3a94a131e2f234b0ee8414c Merge: a45a11f4e84c19dfa9e4ce0c2e25fc0e9dd8c01f 041cd7e7d2dfa95dd055da6fd2eb5308902fda95 Author: Marc Delisle marc@infomarc.info Date: Sat Jul 2 20:52:10 2011 -0400
Merge branch 'QA_3_4'
-----------------------------------------------------------------------
Summary of changes: ChangeLog | 18 ++++++++++++------ libraries/auth/swekey/swekey.auth.lib.php | 5 ++--- libraries/display_tbl.lib.php | 2 +- libraries/server_synchronize.lib.php | 2 +- setup/lib/ConfigGenerator.class.php | 2 +- 5 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 504f54c..ae70fb7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,12 @@ phpMyAdmin - ChangeLog
 - bug #3348995 [config] $cfg['Export']['asfile'] set to false does not select asText option - bug #3340151 [export] Working SQL query exports error page
+3.4.3.1 (2011-07-02) +- [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-5 +- [security] Fixed possible code injection incase session variables are compromised, see PMASA-2011-6 +- [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7 +- [security] Fixed filtering of a file path, which allowed for directory traversal, see PMASA-2011-8 + 3.4.3.0 (2011-06-27) - bug #3311170 [sync] Missing helper icons in Synchronize - patch #3304473 [setup] Redefine a lable that was wrong @@ -121,7 +127,7 @@ phpMyAdmin - ChangeLog + patch #2974341 [structure] Clicking on table name in db Structure should Browse the table if possible, thanks to bhdouglass - dougboybhd + patch #2975533 [search] New search operators, thanks to - Martynas Mickevičius + Martynas MickeviÄius + patch #2967320 [designer] Colored relations based on the primary key, thanks to GreenRover - greenrover - [core] Provide way for vendors to easily change paths to config files. @@ -275,7 +281,7 @@ phpMyAdmin - ChangeLog
3.3.7.0 (2010-09-07) - patch #3050492 [PDF scratchboard] Cannot drag table box to the edge after - a page size increase, thanks to Martin Schönberger - mad05 + a page size increase, thanks to Martin Schönberger - mad05
3.3.6.0 (2010-08-28) - bug #3033063 [core] Navi gets wrong db name @@ -296,7 +302,7 @@ phpMyAdmin - ChangeLog
3.3.5.0 (2010-07-26) - patch #2932113 [information_schema] Slow export when having lots of - databases, thanks to Stéphane Pontier - shadow_walker + databases, thanks to Stéphane Pontier - shadow_walker - bug #3022705 [import] Import button does not work in Catalan when there is no progress bar possible - bug [replication] Do not offer information_schema in the list of databases
@@ -336,9 +342,9 @@ phpMyAdmin - ChangeLog
 - patch #2984893 [engines] InnoDB storage page emits a warning, thanks to Madhura Jayaratne - madhuracj - bug #2974687, bug #2974692 [compatibility] PHPExcel : IBM AIX iconv() does not work, - thanks to Björn Wiberg - bwiberg + thanks to Björn Wiberg - bwiberg - bug #2983066 [interface] Flush table on table operations shows the query twice, - thanks to Martynas Mickevičius - BlinK_ + thanks to Martynas MickeviÄius - BlinK_ - bug #2983060, patch #2987900 [interface] Fix initial state of tables in designer, thanks to Sutharshan Balachandren. - bug #2983062, patch #2989408 [engines] Fix warnings when changing table
@@ -417,7 +423,7 @@ phpMyAdmin - ChangeLog
 + rfe #2839504 [engines] Support InnoDB plugin's new row formats + [core] Added ability for synchronizing databases among servers. + [lang] #2843101 Dutch update, thanks to scavenger2008 -+ [lang] Galician update, thanks to Xosé Calvo - xosecalvo ++ [lang] Galician update, thanks to Xosé Calvo - xosecalvo + [export] Added MediaWiki export module, thanks to Derek Schaefer - drummingds1 + [lang] Turkish update, thanks to Burak Yavuz
diff --git a/libraries/auth/swekey/swekey.auth.lib.php b/libraries/auth/swekey/swekey.auth.lib.php
index d2ec1b1..c5f613b 100644
--- a/libraries/auth/swekey/swekey.auth.lib.php
+++ b/libraries/auth/swekey/swekey.auth.lib.php
@@ -263,11 +263,10 @@ function Swekey_login($input_name, $input_go)
 }
 }
-if (strstr($_SERVER['QUERY_STRING'],'session_to_unset') != false)
+if (!empty($_GET['session_to_unset']))
 {
- parse_str($_SERVER['QUERY_STRING']);
 session_write_close();
- session_id($session_to_unset);
+ session_id($_GET['session_to_unset']);
 session_start();
 $_SESSION = array();
 session_write_close();
diff --git a/libraries/display_tbl.lib.php b/libraries/display_tbl.lib.php
index 3a39bc6..0280d8b 100644
--- a/libraries/display_tbl.lib.php
+++ b/libraries/display_tbl.lib.php
@@ -1383,7 +1383,7 @@ function PMA_displayTableBody(&$dt_result, &$is_display, $map, $analyzed_sql)
 {
 if ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME']) {
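Review bot: `session_id($_GET['session_to_unset'])` still hands the caller-supplied value to the session layer unvalidated; `!empty()` only rejects an absent or empty value, so an array-valued query parameter passes the guard and reaches `session_id()` as a non-string, and any string, whatever characters it holds, is passed on to the session save handler. Narrow the guard to a string made of session-id characters before touching the session: `if (isset($_GET['session_to_unset']) && is_string($_GET['session_to_unset'])` followed by `&& preg_match('/^[a-zA-Z0-9,-]{1,128}$/', $_GET['session_to_unset']))` (the length bound is a constructed example; pick what the configured hash settings allow). Whether this parameter is ever supplied from a trusted source is not visible here. The `if` block's closing brace, and whatever restores the caller's own session afterwards, lie outside the hunk.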
if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) && isset($GLOBALS['mime_map'][$meta->name]['transformation']) && !empty($GLOBALS['mime_map'][$meta->name]['transformation'])) {
- $include_file = $GLOBALS['mime_map'][$meta->name]['transformation'];
+ $include_file = PMA_securePath($GLOBALS['mime_map'][$meta->name]['transformation']);
if (file_exists('./libraries/transformations/' . $include_file)) {
 $transformfunction_name = str_replace('.inc.php', '', $GLOBALS['mime_map'][$meta->name]['transformation']);
diff --git a/libraries/server_synchronize.lib.php b/libraries/server_synchronize.lib.php
index 1d8aaa5..a2ea20b 100644
--- a/libraries/server_synchronize.lib.php
+++ b/libraries/server_synchronize.lib.php
@@ -610,7 +610,7 @@ function PMA_createTargetTables($src_db, $trg_db, $src_link, $trg_link, &$uncomm
 $Create_Query = PMA_DBI_fetch_value("SHOW CREATE TABLE " . PMA_backquote($src_db) . '.' . PMA_backquote($uncommon_tables[$table_index]), 0, 1, $src_link);
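Review bot: Only `$include_file` goes through `PMA_securePath()`; the context line right after the `file_exists()` check still derives `$transformfunction_name` from the raw `$GLOBALS['mime_map'][$meta->name]['transformation']`, so the path that was checked and the name used afterwards can come from different values. Derive both from the sanitised variable: `$transformfunction_name = str_replace('.inc.php', '', $include_file);`. What `PMA_securePath()` strips is not shown in this hunk; if it does not reduce the value to a single path component, a `basename()` or an explicit whitelist of the files in the transformations directory would be the stronger guard. The enclosing `if` blocks and the code that later consumes `$include_file` and `$transformfunction_name` are outside the hunk.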
// Replace the src table name with a `dbname`.`tablename`
- $Create_Table_Query = preg_replace('/' . PMA_backquote($uncommon_tables[$table_index]) . '/',
+ $Create_Table_Query = preg_replace('/' . preg_quote(PMA_backquote($uncommon_tables[$table_index]), '/') . '/',
 PMA_backquote($trg_db) . '.' .PMA_backquote($uncommon_tables[$table_index]),
 $Create_Query,
 $limit = 1
diff --git a/setup/lib/ConfigGenerator.class.php b/setup/lib/ConfigGenerator.class.php
index 2872221..f3c6ed8 100644
--- a/setup/lib/ConfigGenerator.class.php
+++ b/setup/lib/ConfigGenerator.class.php
@@ -39,7 +39,7 @@ class ConfigGenerator
 if ($cf->getServerCount() > 0) {
 $ret .= "/* Servers configuration */$crlf$i = 0;" . $crlf . $crlf;
 foreach ($c['Servers'] as $id => $server) {
- $ret .= '/* Server: ' . strtr($cf->getServerName($id), '*/', '-') . " [$id] */" . $crlf
+ $ret .= '/* Server: ' . strtr($cf->getServerName($id) . " [$id] ", '*/', '-') . "*/" . $crlf
 . '$i++;' . $crlf;
 foreach ($server as $k => $v) {
 $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k);
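Review bot: `preg_quote()` fixes the pattern side, but the replacement argument on the following line, `PMA_backquote($trg_db) . '.' .PMA_backquote($uncommon_tables[$table_index])`, is still passed to `preg_replace()` unescaped, where `$n`, `${n}` and `\n` sequences are read as back-references; MySQL identifiers may contain `$` and backslash, so such a name would be rewritten rather than copied into the CREATE statement. Escape it in place: `addcslashes(PMA_backquote($trg_db) . '.' . PMA_backquote($uncommon_tables[$table_index]), '\\$'),`. As a point of style, `$limit = 1` assigns a throwaway local inside the argument list; passing `1` directly says the same thing. PMA_createTargetTables continues outside the hunk.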
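Review bot: The reason for wrapping `" [$id] "` inside the `strtr()` call is not recorded, and a later edit could move it back out without noticing what it protects. A one-line comment above the `$ret .=` line would pin the intent: `// strtr() is per-character here: any '*' or '/' in the name or id becomes '-', so the generated /* */ comment cannot be terminated early`. Because the mapping is character-wise, a legitimate name containing `/` is also altered in the emitted comment, which is acceptable for a comment but worth stating. Both `foreach` bodies continue outside the hunk.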