The branch, QA_3_4 has been updated via 4e89311089f9d63db39ba619bab8d0a6f5623204 (commit) from 3b75f549f4a1f5e2ad45b5189f11496b4f70cccb (commit) - Log ----------------------------------------------------------------- commit 4e89311089f9d63db39ba619bab8d0a6f5623204 Author: Marc Delisle <marc@infomarc.info> Date: Wed Aug 24 12:38:50 2011 -0400 ChangeLog and 3.4.4 XSS fix ----------------------------------------------------------------------- Summary of changes: ChangeLog | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/ChangeLog b/ChangeLog index 97b7ef350a..20e1751 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,7 +12,7 @@ phpMyAdmin - ChangeLog - [import] Remove native Excel import modules (xls and xlsx formats) - bug #3392920 [edit] BLOB emptied after editing another column -3.4.4.0 (not yet released) +3.4.4.0 (2011-08-24) - bug #3323060 [parser] SQL parser breaks AJAX requests if query has unclosed quotes - bug #3323101 [parser] Invalid escape sequence in SQL parser - bug #3348995 [config] $cfg['Export']['asfile'] set to false does not select asText option @@ -30,6 +30,7 @@ phpMyAdmin - ChangeLog - bug #3372807 [interface] Fix security warning link in setup - bug #3374347 [display] Backquotes in normal text on import page - bug #3358750 [core] With Suhosin, urls are too long in edit links +- [security] Missing sanitization on the table, column and index names leads to XSS vulnerabilities, see PMASA-2011-13 3.4.3.2 (2011-07-23) - [security] Fixed XSS vulnerability, see PMASA-2011-9 hooks/post-receive -- phpMyAdmin