Branch: refs/heads/MAINT_4_0_10 Home: https://github.com/phpmyadmin/phpmyadmin Commit: afe84645f29f5acc9970f3ffa5673585bf2dee7d https://github.com/phpmyadmin/phpmyadmin/commit/afe84645f29f5acc9970f3ffa567... Author: Michal Čihař <michal@cihar.com> Date: 2016-12-08 (Thu, 08 Dec 2016) Changed paths: M libraries/structure.lib.php Log Message: ----------- Quote table name for use in regexp Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 7fe97a1f3c4695f630e39d9433b8fa7539eee30e https://github.com/phpmyadmin/phpmyadmin/commit/7fe97a1f3c4695f630e39d9433b8... Author: Michal Čihař <michal@cihar.com> Date: 2016-12-08 (Thu, 08 Dec 2016) Changed paths: M setup/frames/index.inc.php Log Message: ----------- Avoid using REQUEST_URI in form action It's really not necessary here and might cause redirection issues. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 3d230b6ab76ff018645f2090c2664169835f465b https://github.com/phpmyadmin/phpmyadmin/commit/3d230b6ab76ff018645f2090c266... Author: Michal Čihař <michal@cihar.com> Date: 2016-12-08 (Thu, 08 Dec 2016) Changed paths: M tbl_replace.php Log Message: ----------- Avoid infinite recursion on goto Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 00607e60417f43cd9202d5fbf49b3a78385c4138 https://github.com/phpmyadmin/phpmyadmin/commit/00607e60417f43cd9202d5fbf49b... Author: Michal Čihař <michal@cihar.com> Date: 2016-12-08 (Thu, 08 Dec 2016) Changed paths: M tbl_replace.php Log Message: ----------- Whitespace cleanup Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 8a0816266cc1db9e9889829f9f0d88a19650c977 https://github.com/phpmyadmin/phpmyadmin/commit/8a0816266cc1db9e9889829f9f0d... Author: Michal Čihař <michal@cihar.com> Date: 2016-12-08 (Thu, 08 Dec 2016) Changed paths: M libraries/Theme.class.php Log Message: ----------- Do not provide fallback to cookie for font size * This should be already handled by Config class * Injecting cookie value to CSS could be security risk Signed-off-by: Michal Čihař <michal@cihar.com> Commit: f8ad5bd759156c8c00a1c3e0ef374660027a3bb4 https://github.com/phpmyadmin/phpmyadmin/commit/f8ad5bd759156c8c00a1c3e0ef37... Author: Michal Čihař <michal@cihar.com> Date: 2016-12-21 (Wed, 21 Dec 2016) Changed paths: M server_replication.php Log Message: ----------- Do not allow arbitrary connection in replication setup without AllowArbitraryServer Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 801485a7f43998a633a857bd4a00ad085138937d https://github.com/phpmyadmin/phpmyadmin/commit/801485a7f43998a633a857bd4a00... Author: Michal Čihař <michal@cihar.com> Date: 2017-01-07 (Sat, 07 Jan 2017) Changed paths: M doc/setup.rst M libraries/config/ConfigFile.class.php M libraries/vendor_config.php M setup/config.php M setup/frames/config.inc.php M setup/frames/index.inc.php M setup/lib/index.lib.php Log Message: ----------- Remove setup download/load/delete features This removes risk of third party manipulating with the configuration as there was race condition between editing and using the file. Downloading the file should not be big hassle and this really makes the whole setup a bit simpler. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 88cc11ab134d39f19e7ebf32db4641071e7607ff https://github.com/phpmyadmin/phpmyadmin/commit/88cc11ab134d39f19e7ebf32db46... Author: Michal Čihař <michal@cihar.com> Date: 2017-01-07 (Sat, 07 Jan 2017) Changed paths: M setup/index.php Log Message: ----------- Disable setup if configuration already exists The setup allows to figure out quite a lot about system and network, so it's safer to block access to it once phpMyAdmin has been configured. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 4b5f3f9a121dd2b606d8f455f182db21512244fe https://github.com/phpmyadmin/phpmyadmin/commit/4b5f3f9a121dd2b606d8f455f182... Author: Michal Čihař <michal@cihar.com> Date: 2017-01-17 (Tue, 17 Jan 2017) Changed paths: M libraries/php-gettext/gettext.php Log Message: ----------- Merge changes from php-gettext 1.0.12 This ensures that parameter to select_string is numeric, avoiding code injection through it. Our code is not vulnerable as we do not pass user supplied values to this function, this fix is included only to be closer to upstream. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 567b27487e8cb6ed97ba25afc46ed1223b3e31eb https://github.com/phpmyadmin/phpmyadmin/commit/567b27487e8cb6ed97ba25afc46e... Author: Michal Čihař <michal@cihar.com> Date: 2017-01-21 (Sat, 21 Jan 2017) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- Prepare changelog for 4.0.10.19 Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 3d8b97b2556311ca7a0a9b8cbbbba94aa2276b6e https://github.com/phpmyadmin/phpmyadmin/commit/3d8b97b2556311ca7a0a9b8cbbbb... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2017-01-23 (Mon, 23 Jan 2017) Changed paths: M ChangeLog Log Message: ----------- ChangeLog for 4.0.10.19 Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Compare: https://github.com/phpmyadmin/phpmyadmin/compare/69b4b5c7f571...3d8b97b25563