Branch: refs/heads/QA_4_6 Home: https://github.com/phpmyadmin/phpmyadmin Commit: b69311e460bd52eebc4402a165c012e63121ef03 https://github.com/phpmyadmin/phpmyadmin/commit/b69311e460bd52eebc4402a165c0... Author: Deven Bansod <devenbansod.bits@gmail.com> Date: 2016-11-16 (Wed, 16 Nov 2016) Changed paths: M libraries/server_privileges.lib.php Log Message: ----------- Fix self-injection in Table specific privileges Don't manually add backticks (`) rather use the Util function, since escaping of backticks inside the column_name has to be handled too. Fix #12361 Signed-off-by: Deven Bansod <devenbansod.bits@gmail.com> Commit: 88b284816cdcbb3783685785f887faa061d0bd07 https://github.com/phpmyadmin/phpmyadmin/commit/88b284816cdcbb3783685785f887... Author: Deven Bansod <devenbansod.bits@gmail.com> Date: 2016-11-16 (Wed, 16 Nov 2016) Changed paths: M ChangeLog Log Message: ----------- ChangeLog for #12361 Signed-off-by: Deven Bansod <devenbansod.bits@gmail.com> Conflicts: ChangeLog Commit: 80d1bc7c2b6c29b29fe6653ae54d34f8bbb828d4 https://github.com/phpmyadmin/phpmyadmin/commit/80d1bc7c2b6c29b29fe6653ae54d... Author: Michal Čihař <michal@cihar.com> Date: 2016-11-16 (Wed, 16 Nov 2016) Changed paths: M ChangeLog M libraries/server_privileges.lib.php Log Message: ----------- Merge pull request #12711 from devenbansod/fix_12361 Fix #12361 : Fix self SQL injection in table-specific privileges Compare: https://github.com/phpmyadmin/phpmyadmin/compare/0c36e5fd8536...80d1bc7c2b6c