[phpmyadmin/phpmyadmin] b8f1e0: Escape SQL query for inline editing

Branch: refs/heads/MAINT_4_0_10 Home: https://github.com/phpmyadmin/phpmyadmin Commit: b8f1e0f325f8f32bd82af64111d8c2e9055a363c https://github.com/phpmyadmin/phpmyadmin/commit/b8f1e0f325f8f32bd82af64111d8... Author: Michal Čihař <michal@cihar.com> Date: 2016-02-25 (Thu, 25 Feb 2016) Changed paths: M js/functions.js Log Message: ----------- Escape SQL query for inline editing Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 73c8245a3d1893a710447957e28dcfb18d9b47ad https://github.com/phpmyadmin/phpmyadmin/commit/73c8245a3d1893a710447957e28d... Author: Michal Čihař <michal@cihar.com> Date: 2016-02-25 (Thu, 25 Feb 2016) Changed paths: M libraries/Config.class.php Log Message: ----------- Urlencode hostname This can come from the HTTP header, so we need to be sure to sanitize it. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 0667ea8ac7519d7e642eade2686dc393d5faeae3 https://github.com/phpmyadmin/phpmyadmin/commit/0667ea8ac7519d7e642eade2686d... Author: Michal Čihař <michal@cihar.com> Date: 2016-02-25 (Thu, 25 Feb 2016) Changed paths: M file_echo.php Log Message: ----------- Use correct headers for json data It was previously not marked as such what could potentially lead to browsers doing some autodetection. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 45ecc10d18f47ad18c0b2e17139cc7b510e36da4 https://github.com/phpmyadmin/phpmyadmin/commit/45ecc10d18f47ad18c0b2e17139c... Author: Michal Čihař <michal@cihar.com> Date: 2016-02-25 (Thu, 25 Feb 2016) Changed paths: M libraries/tcpdf/tcpdf.php Log Message: ----------- Avoid skipping the SSL certificate check in TCPDF This code is never used in phpMyAdmin, but we fix it just to avoid potential security reports. Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 155876b48f496d25353e0532763412b0e0dc754c https://github.com/phpmyadmin/phpmyadmin/commit/155876b48f496d25353e05327634... Author: Michal Čihař <michal@cihar.com> Date: 2016-02-25 (Thu, 25 Feb 2016) Changed paths: M libraries/Config.class.php Log Message: ----------- Merge pull request #20 from phpmyadmin/xss-host Urlencode hostname Commit: 25a632a9f4e01f86b0a17644483d1e4c5cb91ad1 https://github.com/phpmyadmin/phpmyadmin/commit/25a632a9f4e01f86b0a17644483d... Author: Michal Čihař <michal@cihar.com> Date: 2016-02-25 (Thu, 25 Feb 2016) Changed paths: M file_echo.php Log Message: ----------- Merge pull request #22 from phpmyadmin/json-response Use correct headers for json data Commit: e795141fba2246ad4123e7bd0b2a81c2b71f193d https://github.com/phpmyadmin/phpmyadmin/commit/e795141fba2246ad4123e7bd0b2a... Author: Michal Čihař <michal@cihar.com> Date: 2016-02-25 (Thu, 25 Feb 2016) Changed paths: M ChangeLog Log Message: ----------- Add changes for security issues Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 7ddce5e39a4e12cd351732955394bc7055c280eb https://github.com/phpmyadmin/phpmyadmin/commit/7ddce5e39a4e12cd351732955394... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2016-02-29 (Mon, 29 Feb 2016) Changed paths: M libraries/server_privileges.lib.php Log Message: ----------- Fix XSS in User accounts page Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: fe3be9f4b9edd54dc39919e7dfeaaf4a67c1cf83 https://github.com/phpmyadmin/phpmyadmin/commit/fe3be9f4b9edd54dc39919e7dfea... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2016-02-29 (Mon, 29 Feb 2016) Changed paths: M tbl_zoom_select.php Log Message: ----------- Fix XSS in zoom search Signed-off-by: Madhura Jayaratne <madhura.cj@gmail.com> Commit: b1cc43ee7f8607c80889570912c5a54b7409b4d1 https://github.com/phpmyadmin/phpmyadmin/commit/b1cc43ee7f8607c80889570912c5... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2016-02-29 (Mon, 29 Feb 2016) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.class.php Log Message: ----------- 4.0.10.15 release Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Compare: https://github.com/phpmyadmin/phpmyadmin/compare/945c58b9d2d8...b1cc43ee7f86
participants (1)
-
Isaac Bennetch