Branch: refs/heads/MAINT_4_0_10
Home:
https://github.com/phpmyadmin/phpmyadmin
Commit: ac81596bfcf0b3cae9f6bc821efa4aa1c7f0c81d
https://github.com/phpmyadmin/phpmyadmin/commit/ac81596bfcf0b3cae9f6bc821ef…
Author: Madhura Jayaratne <madhura.cj(a)gmail.com>
Date: 2016-01-15 (Fri, 15 Jan 2016)
Changed paths:
M setup/frames/form.inc.php
M setup/index.php
M setup/validate.php
Log Message:
-----------
[Security] Fix path disclosure, items 1.4.x, 1.5 and 1.6
Signed-off-by: Madhura Jayaratne <madhura.cj(a)gmail.com>
Commit: 9f3488fc3ab6b83618dbb4bebbea4b973764e2ac
https://github.com/phpmyadmin/phpmyadmin/commit/9f3488fc3ab6b83618dbb4bebbe…
Author: Madhura Jayaratne <madhura.cj(a)gmail.com>
Date: 2016-01-19 (Tue, 19 Jan 2016)
Changed paths:
M libraries/TableSearch.class.php
Log Message:
-----------
Fix XSS in zoom search
Signed-off-by: Madhura Jayaratne <madhura.cj(a)gmail.com>
Commit: 0ce4fd2750491a54d27f94cc1403f9da21738aa6
https://github.com/phpmyadmin/phpmyadmin/commit/0ce4fd2750491a54d27f94cc140…
Author: Madhura Jayaratne <madhura.cj(a)gmail.com>
Date: 2016-01-19 (Tue, 19 Jan 2016)
Changed paths:
M libraries/DbSearch.class.php
Log Message:
-----------
Fix XSS in DB_search.php
Signed-off-by: Madhura Jayaratne <madhura.cj(a)gmail.com>
Commit: 6a96e67487f2faecb4de4204fee9b96b94020720
https://github.com/phpmyadmin/phpmyadmin/commit/6a96e67487f2faecb4de4204fee…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
M js/functions.js
Log Message:
-----------
Use secure RNG if available
Recent browsers come with better RNG, so let's use it for generating
password instead of Math.random if available.
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 2369daa7f5f550797f560e6b46a021e4558c2d72
https://github.com/phpmyadmin/phpmyadmin/commit/2369daa7f5f550797f560e6b46a…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
M js/functions.js
Log Message:
-----------
Use full alphabet to generate random passwords
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 6fe54dfa000dd6f43f237e859781fad7111ac1bd
https://github.com/phpmyadmin/phpmyadmin/commit/6fe54dfa000dd6f43f237e85978…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
A libraries/phpseclib/Crypt/Random.php
M libraries/session.inc.php
Log Message:
-----------
Use phpseclib's Crypt::Random to generate CSRF token
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 27eb98faedcdcd0b856577fcbdfe3e87b2445345
https://github.com/phpmyadmin/phpmyadmin/commit/27eb98faedcdcd0b856577fcbdf…
Author: Madhura Jayaratne <madhura.cj(a)gmail.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
M libraries/core.lib.php
Log Message:
-----------
Escape javascript variable content
Signed-off-by: Madhura Jayaratne <madhura.cj(a)gmail.com>
Commit: fe62b69a5b032de8e1d9d0a04456c1cecf46428c
https://github.com/phpmyadmin/phpmyadmin/commit/fe62b69a5b032de8e1d9d0a0445…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
M libraries/common.inc.php
M libraries/core.lib.php
Log Message:
-----------
Use hash_equals for comparing token
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 8023340a259ecae6a3bd9268f4e39d097bdf0146
https://github.com/phpmyadmin/phpmyadmin/commit/8023340a259ecae6a3bd9268f4e…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
M libraries/common.inc.php
Log Message:
-----------
Include common libraries in setup
We use PMA_fatalError which in turn needs Response and related objects.
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 215f4a8ebe717ba646be00fca8519cf768a902f5
https://github.com/phpmyadmin/phpmyadmin/commit/215f4a8ebe717ba646be00fca85…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
M setup/lib/common.inc.php
Log Message:
-----------
Can not use PMA_fatalError when including fails
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 7056ca9458d26b24a6b1d9255073237c1636ca33
https://github.com/phpmyadmin/phpmyadmin/commit/7056ca9458d26b24a6b1d925507…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
M libraries/common.inc.php
Log Message:
-----------
Do not process subforms with PMA_MINIMUM_COMMON
In such case needed infrastructure is not loaded, so related code won't
work anyway.
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 25738352df8057b542eeac3237eb6fd1d3ba4289
https://github.com/phpmyadmin/phpmyadmin/commit/25738352df8057b542eeac3237e…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-26 (Tue, 26 Jan 2016)
Changed paths:
M libraries/database_interface.lib.php
Log Message:
-----------
Fallback to default collation connection
If user supplied wrong string we should gracefully fallback.
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 5b79467245b6e0a476775e2958b42088794f8e02
https://github.com/phpmyadmin/phpmyadmin/commit/5b79467245b6e0a476775e2958b…
Author: Michal Čihař <michal(a)cihar.com>
Date: 2016-01-27 (Wed, 27 Jan 2016)
Changed paths:
M libraries/common.inc.php
Log Message:
-----------
Enable localization before redirect
This is needed in case of IIS which needs full HTML response.
Signed-off-by: Michal Čihař <michal(a)cihar.com>
Commit: 16136ea0ef224ed22c3dffd629e3e147579f5f38
https://github.com/phpmyadmin/phpmyadmin/commit/16136ea0ef224ed22c3dffd629e…
Author: Isaac Bennetch <bennetch(a)gmail.com>
Date: 2016-01-27 (Wed, 27 Jan 2016)
Changed paths:
M README
M doc/conf.py
M libraries/Config.class.php
Log Message:
-----------
Increment version for 4.0.10.13 release
Signed-off-by: Isaac Bennetch <bennetch(a)gmail.com>
Compare:
https://github.com/phpmyadmin/phpmyadmin/compare/66149607b1b5...16136ea0ef22