Branch: refs/heads/QA_4_6 Home: https://github.com/phpmyadmin/phpmyadmin Commit: b69311e460bd52eebc4402a165c012e63121ef03 https://github.com/phpmyadmin/phpmyadmin/commit/b69311e460bd52eebc4402a165c0... Author: Deven Bansod devenbansod.bits@gmail.com Date: 2016-11-16 (Wed, 16 Nov 2016)

Changed paths: M libraries/server_privileges.lib.php

Log Message: ----------- Fix self-injection in Table specific privileges

Don't manually add backticks (`) rather use the Util function, since escaping of backticks inside the column_name has to be handled too.

Fix #12361

Signed-off-by: Deven Bansod devenbansod.bits@gmail.com

Commit: 88b284816cdcbb3783685785f887faa061d0bd07 https://github.com/phpmyadmin/phpmyadmin/commit/88b284816cdcbb3783685785f887... Author: Deven Bansod devenbansod.bits@gmail.com Date: 2016-11-16 (Wed, 16 Nov 2016)

Changed paths: M ChangeLog

Log Message: ----------- ChangeLog for #12361

Signed-off-by: Deven Bansod devenbansod.bits@gmail.com

Conflicts: ChangeLog

Commit: 80d1bc7c2b6c29b29fe6653ae54d34f8bbb828d4 https://github.com/phpmyadmin/phpmyadmin/commit/80d1bc7c2b6c29b29fe6653ae54d... Author: Michal Čihař michal@cihar.com Date: 2016-11-16 (Wed, 16 Nov 2016)

Changed paths: M ChangeLog M libraries/server_privileges.lib.php

Log Message: ----------- Merge pull request #12711 from devenbansod/fix_12361

Fix #12361 : Fix self SQL injection in table-specific privileges

Compare: https://github.com/phpmyadmin/phpmyadmin/compare/0c36e5fd8536...80d1bc7c2b6c