The branch, MAINT_3_3_10 has been updated
via 6f982a164575ab0d4f35aba9425576189e4013d5 (commit)
via 75606e5f82280eb1a3817badf1b24d512a010b80 (commit)
via 1a89c8ecfd09ceace81fb11e488f12599c0e49b6 (commit)
via 2fbf631384fd8cded55f4500cb87b129442f9ed2 (commit)
via 5fa86b8e81565c15ddbc359e8f59ecd829a2b717 (commit)
via e3d3ef7af2915cf30bf6f3e69e75f9eb58d94be9 (commit)
via c79375598d46552fc1717f798a6560f9a1cdc102 (commit)
from bd92c092cd422667097e98a3cd8ebc0140338244 (commit)
- Log -----------------------------------------------------------------
commit 6f982a164575ab0d4f35aba9425576189e4013d5
Author: Marc Delisle <marc(a)infomarc.info>
Date: Thu Nov 10 08:42:22 2011 -0500
3.3.10.5 release
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 4 +++
Documentation.html | 10 +++++++-
README | 2 +-
db_datadict.php | 2 +-
libraries/Config.class.php | 2 +-
libraries/import/ods.php | 12 ++++++++++
libraries/import/xml.php | 50 +++++++++++++++++++++++++++----------------
translators.html | 4 +-
8 files changed, 60 insertions(+), 26 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index ddc085d..7a69d01 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,10 @@ phpMyAdmin - ChangeLog
$Id$
$HeadURL:
https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/… $
+3.3.10.5 (2011-11-10)
+- [security] Fixed possible local file inclusion in XML import
+(CVE-2011-4107).
+
3.3.10.4 (2011-08-24)
- [security] Missing sanitization on the table, column and index names leads to XSS
vulnerabilities, see PMASA-2011-13
diff --git a/Documentation.html b/Documentation.html
index 7ee8e50..3a115a7 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -10,7 +10,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
<link rel="icon" href="./favicon.ico"
type="image/x-icon" />
<link rel="shortcut icon" href="./favicon.ico"
type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8" />
- <title>phpMyAdmin 3.3.10.4 - Documentation</title>
+ <title>phpMyAdmin 3.3.10.5 - Documentation</title>
<link rel="stylesheet" type="text/css"
href="docs.css" />
</head>
@@ -18,7 +18,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
<div id="header">
<h1>
<a
href="http://www.phpmyadmin.net/">php<span
class="myadmin">MyAdmin</span></a>
- 3.3.10.4
+ 3.3.10.5
Documentation
</h1>
</div>
@@ -81,6 +81,12 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
</li>
<li>To support upload progress bars, see <a
href="#faq2_9">
<abbr title="Frequently Asked
Questions">FAQ</abbr> 2.9</a>.</li>
+ <li>To support BLOB streaming, see PHP and MySQL requirements
+ in <a href="#faq6_25">
+ <abbr title="Frequently Asked
Questions">FAQ</abbr> 6.25</a>.</li>
+ <li>To support XML and Open Document Spreadsheet importing,
+ you need PHP 5.2.17 or newer and the
+ <a
href="http://www.php.net/libxml"><tt>libxml</tt>&l…
extension.</li>
</ul>
</li>
<li><b>MySQL</b> 5.0 or newer (<a
href="#faq1_17">details</a>);</li>
diff --git a/README b/README
index 4d2bcbd..3ad7217 100644
--- a/README
+++ b/README
@@ -5,7 +5,7 @@ phpMyAdmin - Readme
A set of PHP-scripts to manage MySQL over the web.
- Version 3.3.10.4
+ Version 3.3.10.5
----------------
http://www.phpmyadmin.net/
diff --git a/db_datadict.php b/db_datadict.php
index 0c16cb7..086d7be 100644
--- a/db_datadict.php
+++ b/db_datadict.php
@@ -70,7 +70,7 @@ while ($row = PMA_DBI_fetch_assoc($rowset)) {
echo '<div>' . "\n";
}
- echo '<h2>' . $table . '</h2>' . "\n";
+ echo '<h2>' . htmlspecialchars($table) . '</h2>' .
"\n";
/**
* Gets table informations
diff --git a/libraries/Config.class.php b/libraries/Config.class.php
index 0ace890..9dd464b 100644
--- a/libraries/Config.class.php
+++ b/libraries/Config.class.php
@@ -92,7 +92,7 @@ class PMA_Config
*/
function checkSystem()
{
- $this->set('PMA_VERSION', '3.3.10.4');
+ $this->set('PMA_VERSION', '3.3.10.5');
/**
* @deprecated
*/
diff --git a/libraries/import/ods.php b/libraries/import/ods.php
index 81aed5e..dcc6a51 100644
--- a/libraries/import/ods.php
+++ b/libraries/import/ods.php
@@ -14,6 +14,13 @@ if (! defined('PHPMYADMIN')) {
}
/**
+ * We need way to disable external XML entities processing.
+ */
+if (!function_exists('libxml_disable_entity_loader')) {
+ return;
+}
+
+/**
* The possible scopes for $plugin_param are: 'table', 'database', and
'server'
*/
@@ -62,6 +69,11 @@ while (! ($finished && $i >= $len) && ! $error
&& ! $timeout_passed) {
unset($data);
/**
+ * Disable loading of external XML entities.
+ */
+libxml_disable_entity_loader();
+
+/**
* Load the XML string
*
* The option LIBXML_COMPACT is specified because it can
diff --git a/libraries/import/xml.php b/libraries/import/xml.php
index f62328e..9298225 100644
--- a/libraries/import/xml.php
+++ b/libraries/import/xml.php
@@ -13,6 +13,13 @@ if (! defined('PHPMYADMIN')) {
}
/**
+ * We need way to disable external XML entities processing.
+ */
+if (!function_exists('libxml_disable_entity_loader')) {
+ return;
+}
+
+/**
* The possible scopes for $plugin_param are: 'table', 'database', and
'server'
*/
@@ -57,6 +64,11 @@ while (! ($finished && $i >= $len) && ! $error
&& ! $timeout_passed) {
unset($data);
/**
+ * Disable loading of external XML entities.
+ */
+libxml_disable_entity_loader();
+
+/**
* Load the XML string
*
* The option LIBXML_COMPACT is specified because it can
@@ -141,19 +153,19 @@ if (isset($namespaces['pma'])) {
* Get structures for all tables
*/
$struct = $xml->children($namespaces['pma']);
-
+
$create = array();
-
+
foreach ($struct as $tier1 => $val1) {
foreach($val1 as $tier2 => $val2) {
/* Need to select the correct database for the creation of tables, views,
triggers, etc. */
/**
- * @todo Generating a USE here blocks importing of a table
- * into another database.
+ * @todo Generating a USE here blocks importing of a table
+ * into another database.
*/
$attrs = $val2->attributes();
$create[] = "USE " . PMA_backquote($attrs["name"]);
-
+
foreach ($val2 as $val3) {
/**
* Remove the extra cosmetic spacing
@@ -163,7 +175,7 @@ if (isset($namespaces['pma'])) {
}
}
}
-
+
$struct_present = true;
}
@@ -179,13 +191,13 @@ $data_present = false;
*/
if (@count($xml->children())) {
$data_present = true;
-
+
/**
* Process all database content
*/
foreach ($xml as $k1 => $v1) {
$tbl_attr = $v1->attributes();
-
+
$isInTables = false;
for ($i = 0; $i < count($tables); ++$i) {
if (! strcmp($tables[$i][TBL_NAME], (string)$tbl_attr['name'])) {
@@ -193,11 +205,11 @@ if (@count($xml->children())) {
break;
}
}
-
+
if ($isInTables == false) {
$tables[] = array((string)$tbl_attr['name']);
}
-
+
foreach ($v1 as $k2 => $v2) {
$row_attr = $v2->attributes();
if (! array_search((string)$row_attr['name'], $tempRow))
@@ -206,17 +218,17 @@ if (@count($xml->children())) {
}
$tempCells[] = (string)$v2;
}
-
+
$rows[] = array((string)$tbl_attr['name'], $tempRow, $tempCells);
-
+
$tempRow = array();
$tempCells = array();
}
-
+
unset($tempRow);
unset($tempCells);
unset($xml);
-
+
/**
* Bring accumulated rows into the corresponding table
*/
@@ -227,17 +239,17 @@ if (@count($xml->children())) {
if (! isset($tables[$i][COL_NAMES])) {
$tables[$i][] = $rows[$j][COL_NAMES];
}
-
+
$tables[$i][ROWS][] = $rows[$j][ROWS];
}
}
}
-
+
unset($rows);
-
+
if (! $struct_present) {
$analyses = array();
-
+
$len = count($tables);
for ($i = 0; $i < $len; ++$i) {
$analyses[] = PMA_analyzeTable($tables[$i]);
@@ -289,7 +301,7 @@ if (strlen($db)) {
if ($db_name === NULL) {
$db_name = 'XML_DB';
}
-
+
/* Set database collation/charset */
$options = array(
'db_collation' => $collation,
diff --git a/translators.html b/translators.html
index 24096d7..af5719b 100644
--- a/translators.html
+++ b/translators.html
@@ -11,7 +11,7 @@
<link rel="icon" href="./favicon.ico"
type="image/x-icon" />
<link rel="shortcut icon" href="./favicon.ico"
type="image/x-icon" />
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8" />
- <title>phpMyAdmin 3.3.10.4 - Official translators</title>
+ <title>phpMyAdmin 3.3.10.5 - Official translators</title>
<link rel="stylesheet" type="text/css"
href="docs.css" />
</head>
@@ -19,7 +19,7 @@
<div id="header">
<h1>
<a
href="http://www.phpmyadmin.net/">php<span
class="myadmin">MyAdmin</span></a>
- 3.3.10.4
+ 3.3.10.5
official translators list
</h1>
</div>
hooks/post-receive
--
phpMyAdmin