Branch: refs/heads/MAINT_4_0_10 Home: https://github.com/phpmyadmin/phpmyadmin Commit: b8f1e0f325f8f32bd82af64111d8c2e9055a363c https://github.com/phpmyadmin/phpmyadmin/commit/b8f1e0f325f8f32bd82af64111d8... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M js/functions.js
Log Message: ----------- Escape SQL query for inline editing
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 73c8245a3d1893a710447957e28dcfb18d9b47ad https://github.com/phpmyadmin/phpmyadmin/commit/73c8245a3d1893a710447957e28d... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M libraries/Config.class.php
Log Message: ----------- Urlencode hostname
This can come from the HTTP header, so we need to be sure to sanitize it.
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 0667ea8ac7519d7e642eade2686dc393d5faeae3 https://github.com/phpmyadmin/phpmyadmin/commit/0667ea8ac7519d7e642eade2686d... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M file_echo.php
Log Message: ----------- Use correct headers for json data
It was previously not marked as such what could potentially lead to browsers doing some autodetection.
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 45ecc10d18f47ad18c0b2e17139cc7b510e36da4 https://github.com/phpmyadmin/phpmyadmin/commit/45ecc10d18f47ad18c0b2e17139c... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M libraries/tcpdf/tcpdf.php
Log Message: ----------- Avoid skipping the SSL certificate check in TCPDF
This code is never used in phpMyAdmin, but we fix it just to avoid potential security reports.
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 155876b48f496d25353e0532763412b0e0dc754c https://github.com/phpmyadmin/phpmyadmin/commit/155876b48f496d25353e05327634... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M libraries/Config.class.php
Log Message: ----------- Merge pull request #20 from phpmyadmin/xss-host
Urlencode hostname
Commit: 25a632a9f4e01f86b0a17644483d1e4c5cb91ad1 https://github.com/phpmyadmin/phpmyadmin/commit/25a632a9f4e01f86b0a17644483d... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M file_echo.php
Log Message: ----------- Merge pull request #22 from phpmyadmin/json-response
Use correct headers for json data
Commit: e795141fba2246ad4123e7bd0b2a81c2b71f193d https://github.com/phpmyadmin/phpmyadmin/commit/e795141fba2246ad4123e7bd0b2a... Author: Michal Čihař michal@cihar.com Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M ChangeLog
Log Message: ----------- Add changes for security issues
Signed-off-by: Michal Čihař michal@cihar.com
Commit: 7ddce5e39a4e12cd351732955394bc7055c280eb https://github.com/phpmyadmin/phpmyadmin/commit/7ddce5e39a4e12cd351732955394... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths: M libraries/server_privileges.lib.php
Log Message: ----------- Fix XSS in User accounts page
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: fe3be9f4b9edd54dc39919e7dfeaaf4a67c1cf83 https://github.com/phpmyadmin/phpmyadmin/commit/fe3be9f4b9edd54dc39919e7dfea... Author: Madhura Jayaratne madhura.cj@gmail.com Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths: M tbl_zoom_select.php
Log Message: ----------- Fix XSS in zoom search
Signed-off-by: Madhura Jayaratne madhura.cj@gmail.com
Commit: b1cc43ee7f8607c80889570912c5a54b7409b4d1 https://github.com/phpmyadmin/phpmyadmin/commit/b1cc43ee7f8607c80889570912c5... Author: Isaac Bennetch bennetch@gmail.com Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php
Log Message: ----------- 4.0.10.15 release
Signed-off-by: Isaac Bennetch bennetch@gmail.com
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/945c58b9d2d8...b1cc43ee7f86