Branch: refs/heads/QA_4_7 Home: https://github.com/phpmyadmin/phpmyadmin Commit: edd929216ade9f7c150a262ba3db44db0fed0e1b https://github.com/phpmyadmin/phpmyadmin/commit/edd929216ade9f7c150a262ba3db... Author: Michal Čihař <michal@cihar.com> Date: 2017-12-14 (Thu, 14 Dec 2017) Changed paths: M libraries/URL.php M libraries/common.inc.php M libraries/navigation/NavigationTree.php M libraries/navigation/nodes/NodeColumn.php M libraries/navigation/nodes/NodeColumnContainer.php M libraries/navigation/nodes/NodeDatabase.php M libraries/navigation/nodes/NodeDatabaseContainer.php M libraries/navigation/nodes/NodeEvent.php M libraries/navigation/nodes/NodeEventContainer.php M libraries/navigation/nodes/NodeFunction.php M libraries/navigation/nodes/NodeFunctionContainer.php M libraries/navigation/nodes/NodeIndex.php M libraries/navigation/nodes/NodeIndexContainer.php M libraries/navigation/nodes/NodeProcedure.php M libraries/navigation/nodes/NodeProcedureContainer.php M libraries/navigation/nodes/NodeTable.php M libraries/navigation/nodes/NodeTableContainer.php M libraries/navigation/nodes/NodeTrigger.php M libraries/navigation/nodes/NodeTriggerContainer.php M libraries/navigation/nodes/NodeView.php M libraries/navigation/nodes/NodeViewContainer.php M test/classes/AdvisorTest.php M test/classes/DbSearchTest.php M test/classes/DisplayResultsTest.php M test/classes/FooterTest.php M test/classes/ThemeTest.php M test/classes/URLTest.php M test/classes/config/PageSettingsTest.php M test/classes/navigation/NavigationTest.php M test/classes/navigation/NodeDatabaseChildTest.php M test/classes/plugin/auth/AuthenticationConfigTest.php M test/classes/plugin/auth/AuthenticationCookieTest.php M test/libraries/PMA_Form_Processing_test.php M test/libraries/PMA_insert_edit_test.php M test/libraries/PMA_server_privileges_test.php M test/libraries/PMA_user_preferences_test.php M test/libraries/common/PMA_getDbLink_test.php Log Message: ----------- Bring back token validation to GET requests This is necessary to avoid CSRF on SQL queries. This is really more a short term fix, proper fix (to be implemented in master) is to avoid accepting SQL queries from GET requests. This reverts commits: * dae3390a02ca6687fd31ca784474d56240c6c538 * ea73fded7138038aa5a415c7081d838fc094eff7 * 90433788d6f319cd112f0962ba9b3d1c22b5f2c7 * f797a8d87d8bf3cab3380747194ddd3c5db195e1 * 9c1cfc855318d12f7c0a1c4fbe8f35564aa72769 Signed-off-by: Michal Čihař <michal@cihar.com> Commit: 5d71c3972f8feb7d2ed9ee6ac82596a4d6bdbe36 https://github.com/phpmyadmin/phpmyadmin/commit/5d71c3972f8feb7d2ed9ee6ac825... Author: Madhura Jayaratne <madhura.cj@gmail.com> Date: 2017-12-16 (Sat, 16 Dec 2017) Changed paths: M libraries/URL.php M libraries/common.inc.php M libraries/navigation/NavigationTree.php M libraries/navigation/nodes/NodeColumn.php M libraries/navigation/nodes/NodeColumnContainer.php M libraries/navigation/nodes/NodeDatabase.php M libraries/navigation/nodes/NodeDatabaseContainer.php M libraries/navigation/nodes/NodeEvent.php M libraries/navigation/nodes/NodeEventContainer.php M libraries/navigation/nodes/NodeFunction.php M libraries/navigation/nodes/NodeFunctionContainer.php M libraries/navigation/nodes/NodeIndex.php M libraries/navigation/nodes/NodeIndexContainer.php M libraries/navigation/nodes/NodeProcedure.php M libraries/navigation/nodes/NodeProcedureContainer.php M libraries/navigation/nodes/NodeTable.php M libraries/navigation/nodes/NodeTableContainer.php M libraries/navigation/nodes/NodeTrigger.php M libraries/navigation/nodes/NodeTriggerContainer.php M libraries/navigation/nodes/NodeView.php M libraries/navigation/nodes/NodeViewContainer.php M test/classes/AdvisorTest.php M test/classes/DbSearchTest.php M test/classes/DisplayResultsTest.php M test/classes/FooterTest.php M test/classes/ThemeTest.php M test/classes/URLTest.php M test/classes/config/PageSettingsTest.php M test/classes/navigation/NavigationTest.php M test/classes/navigation/NodeDatabaseChildTest.php M test/classes/plugin/auth/AuthenticationConfigTest.php M test/classes/plugin/auth/AuthenticationCookieTest.php M test/libraries/PMA_Form_Processing_test.php M test/libraries/PMA_insert_edit_test.php M test/libraries/PMA_server_privileges_test.php M test/libraries/PMA_user_preferences_test.php M test/libraries/common/PMA_getDbLink_test.php Log Message: ----------- Merge pull request #235 from phpmyadmin/token-get Bring back token validation to GET requests Commit: 5503abe53a4ee1d8481c2c4283cb7341e1bff03e https://github.com/phpmyadmin/phpmyadmin/commit/5503abe53a4ee1d8481c2c4283cb... Author: Michal Čihař <michal@cihar.com> Date: 2017-12-18 (Mon, 18 Dec 2017) Changed paths: M libraries/URL.php M libraries/common.inc.php M libraries/navigation/NavigationTree.php M libraries/navigation/nodes/NodeColumn.php M libraries/navigation/nodes/NodeColumnContainer.php M libraries/navigation/nodes/NodeDatabase.php M libraries/navigation/nodes/NodeDatabaseContainer.php M libraries/navigation/nodes/NodeEvent.php M libraries/navigation/nodes/NodeEventContainer.php M libraries/navigation/nodes/NodeFunction.php M libraries/navigation/nodes/NodeFunctionContainer.php M libraries/navigation/nodes/NodeIndex.php M libraries/navigation/nodes/NodeIndexContainer.php M libraries/navigation/nodes/NodeProcedure.php M libraries/navigation/nodes/NodeProcedureContainer.php M libraries/navigation/nodes/NodeTable.php M libraries/navigation/nodes/NodeTableContainer.php M libraries/navigation/nodes/NodeTrigger.php M libraries/navigation/nodes/NodeTriggerContainer.php M libraries/navigation/nodes/NodeView.php M libraries/navigation/nodes/NodeViewContainer.php M test/classes/AdvisorTest.php M test/classes/DbSearchTest.php M test/classes/DisplayResultsTest.php M test/classes/FooterTest.php M test/classes/ThemeTest.php M test/classes/URLTest.php M test/classes/config/PageSettingsTest.php M test/classes/navigation/NavigationTest.php M test/classes/navigation/NodeDatabaseChildTest.php M test/classes/plugin/auth/AuthenticationConfigTest.php M test/classes/plugin/auth/AuthenticationCookieTest.php M test/libraries/PMA_Form_Processing_test.php M test/libraries/PMA_insert_edit_test.php M test/libraries/PMA_server_privileges_test.php M test/libraries/PMA_user_preferences_test.php M test/libraries/common/PMA_getDbLink_test.php Log Message: ----------- Merge remote-tracking branch 'security/QA_4_7-security' into QA_4_7-security Commit: 203148dd486058a45505646b86290e46e262cf3d https://github.com/phpmyadmin/phpmyadmin/commit/203148dd486058a45505646b8629... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2017-12-23 (Sat, 23 Dec 2017) Changed paths: M ChangeLog M README M doc/conf.py M libraries/Config.php Log Message: ----------- Prepare for release 4.7.7 Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Commit: c178ff69111311f568b72345a591e84cc09153fa https://github.com/phpmyadmin/phpmyadmin/commit/c178ff69111311f568b72345a591... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2017-12-23 (Sat, 23 Dec 2017) Changed paths: M libraries/URL.php M libraries/common.inc.php M libraries/navigation/NavigationTree.php M libraries/navigation/nodes/NodeColumn.php M libraries/navigation/nodes/NodeColumnContainer.php M libraries/navigation/nodes/NodeDatabase.php M libraries/navigation/nodes/NodeDatabaseContainer.php M libraries/navigation/nodes/NodeEvent.php M libraries/navigation/nodes/NodeEventContainer.php M libraries/navigation/nodes/NodeFunction.php M libraries/navigation/nodes/NodeFunctionContainer.php M libraries/navigation/nodes/NodeIndex.php M libraries/navigation/nodes/NodeIndexContainer.php M libraries/navigation/nodes/NodeProcedure.php M libraries/navigation/nodes/NodeProcedureContainer.php M libraries/navigation/nodes/NodeTable.php M libraries/navigation/nodes/NodeTableContainer.php M libraries/navigation/nodes/NodeTrigger.php M libraries/navigation/nodes/NodeTriggerContainer.php M libraries/navigation/nodes/NodeView.php M libraries/navigation/nodes/NodeViewContainer.php M test/classes/AdvisorTest.php M test/classes/DbSearchTest.php M test/classes/DisplayResultsTest.php M test/classes/FooterTest.php M test/classes/ThemeTest.php M test/classes/URLTest.php M test/classes/config/PageSettingsTest.php M test/classes/navigation/NavigationTest.php M test/classes/navigation/NodeDatabaseChildTest.php M test/classes/plugin/auth/AuthenticationConfigTest.php M test/classes/plugin/auth/AuthenticationCookieTest.php M test/libraries/PMA_Form_Processing_test.php M test/libraries/PMA_insert_edit_test.php M test/libraries/PMA_server_privileges_test.php M test/libraries/PMA_user_preferences_test.php M test/libraries/common/PMA_getDbLink_test.php Log Message: ----------- Merge remote-tracking branch 'security/QA_4_7-security' into QA_4_7 Commit: 1bb2e7f5e2781f5fbc6c67fa6204b930cb4e84ff https://github.com/phpmyadmin/phpmyadmin/commit/1bb2e7f5e2781f5fbc6c67fa6204... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2017-12-23 (Sat, 23 Dec 2017) Changed paths: M ChangeLog Log Message: ----------- Changelog for security issue Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Commit: 6ba68edd4c94a4d9ca7ff3a4679862a01aae3740 https://github.com/phpmyadmin/phpmyadmin/commit/6ba68edd4c94a4d9ca7ff3a46798... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2017-12-23 (Sat, 23 Dec 2017) Changed paths: A composer.lock Log Message: ----------- Adding composer lock for 4.7.7 Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Commit: 88df9e56bf341eaf2c5f7128492cb78e6fba374d https://github.com/phpmyadmin/phpmyadmin/commit/88df9e56bf341eaf2c5f7128492c... Author: Isaac Bennetch <bennetch@gmail.com> Date: 2017-12-23 (Sat, 23 Dec 2017) Changed paths: R composer.lock Log Message: ----------- Removing composer.lock Signed-off-by: Isaac Bennetch <bennetch@gmail.com> Compare: https://github.com/phpmyadmin/phpmyadmin/compare/923ac4d5e955...88df9e56bf34