The annotated tag, RELEASE_3_3_5_1 has been created at e6112b8db126558dcca7695b6ca04e8d46fad53e (tag) tagging 5a0fec9b3c6327bf8d4be31190f0a780a0071e2c (commit) replaces RELEASE_3_3_5 tagged by Michal Čihař on Fri Aug 20 13:55:43 2010 +0200
- Log ----------------------------------------------------------------- Released 3.3.5.1
Herman van Rink (1): Fix XSS on error with very long query.
Marc Delisle (2): Fix XSS on delimiter in db_sql.php. Limit list of correct values for sort order.
Michal Čihař (21): Fix XSS on field_str in db_search.php. Fix XSS on delimiter in tbl_sql.php. Secure handling of sort_by and sort_order in server_databases.php. Fix handling of unknown sort order. Add option to escape PMA_sanitize output. Escape html chars in form values. Document PMA_sanitize. Fix XSS on checkprivs. Fix XSS on dbname. Fix XSS on tablename and pred_tablename. Fix XSS on username. Fix XSS on hostname. Properly check validity of sort parameter. Do not assume that DefaultLang is escaped. Revert "Do not assume that DefaultLang is escaped." Fix XSS with $cfg['SQP']['fmtType'] = 'text'. Fix possible XSS on IIS redirect page. Avoid information disclossure on error. Escape error message coming from MySQL to avoid XSS on bad parameters. Changelog. Set version to 3.3.5.1.
-----------------------------------------------------------------------
hooks/post-receive