[Phpmyadmin-git] [SCM] phpMyAdmin branch, STABLE, updated. RELEASE_3_3_8_1-9-g19e56ea

Marc Delisle lem9 at users.sourceforge.net
Mon Nov 29 18:30:29 CET 2010 

The branch, STABLE has been updated
       via  19e56eacec926545507d9805b49b34c682e17d0a (commit)
       via  150798965d85ee7aee19076a8cd9f8f71770acc7 (commit)
       via  fcc04991533333d18c86b3005967da2d75a56fb9 (commit)
       via  38547bea51e3ee1b84564dc111c64cc476d2e73c (commit)
       via  4341818d73d454451f024950a4ce0141608ac7f8 (commit)
      from  8291c2069dd503155f59a6ea4c480fceed998e61 (commit)


- Log -----------------------------------------------------------------
commit 19e56eacec926545507d9805b49b34c682e17d0a
Merge: 8291c2069dd503155f59a6ea4c480fceed998e61 150798965d85ee7aee19076a8cd9f8f71770acc7
Author: Marc Delisle <marc at infomarc.info>
Date:   Mon Nov 29 12:28:46 2010 -0500

    Merge branch 'MAINT_3_3_8' into STABLE

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                  |    6 +++---
 Documentation.html         |    4 ++--
 README                     |    4 ++--
 libraries/Config.class.php |    2 +-
 libraries/common.lib.php   |    2 +-
 translators.html           |    4 ++--
 6 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 4827fb6..8fad918 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - ChangeLog
 $Id$
 $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $
 
+3.3.8.1 (2010-11-29)
+- bug #3115519 (private) [security] XSS on db search, see PMASA-2010-8
+
 3.3.8.0 (2010-10-25)
 - bug #3059311 [import] BIGINT field type added to table analysis
 - [core] Update library PHPExcel to version 1.7.4
@@ -18,9 +21,6 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
 3.3.7.0 (2010-09-07)
 - patch #3050492 [PDF scratchboard] Cannot drag table box to the edge after
   a page size increase, thanks to Martin Schönberger - mad05
-- bug #3054458 [core] Fixed displaying number of rows.
-- bug #3035300 [parser] Fixed wrong definition of keywords.
-- [setup] Fixed escaping of server name.
 
 3.3.6.0 (2010-08-28)
 - bug #3033063 [core] Navi gets wrong db name
diff --git a/Documentation.html b/Documentation.html
index a233ccd..bf30068 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -10,7 +10,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
     <link rel="icon" href="./favicon.ico" type="image/x-icon" />
     <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>phpMyAdmin 3.3.8 - Documentation</title>
+    <title>phpMyAdmin 3.3.8.1 - Documentation</title>
     <link rel="stylesheet" type="text/css" href="docs.css" />
 </head>
 
@@ -18,7 +18,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
 <div id="header">
     <h1>
         <a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a>
-        3.3.8 
+        3.3.8.1
         Documentation
     </h1>
 </div>
diff --git a/README b/README
index 967acde..d84e8d7 100644
--- a/README
+++ b/README
@@ -5,8 +5,8 @@ phpMyAdmin - Readme
 
   A set of PHP-scripts to manage MySQL over the web.
 
-  Version 3.3.8
-  -------------
+  Version 3.3.8.1
+  ---------------
   http://www.phpmyadmin.net/
 
     Copyright (C) 1998-2000 Tobias Ratschiller <tobias_at_ratschiller.com>
diff --git a/libraries/Config.class.php b/libraries/Config.class.php
index 6594e3a..8f5c43d 100644
--- a/libraries/Config.class.php
+++ b/libraries/Config.class.php
@@ -92,7 +92,7 @@ class PMA_Config
      */
     function checkSystem()
     {
-        $this->set('PMA_VERSION', '3.3.8');
+        $this->set('PMA_VERSION', '3.3.8.1');
         /**
          * @deprecated
          */
diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index 610438c..b926e92 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -1634,7 +1634,7 @@ function PMA_linkOrButton($url, $message, $tag_params = array(),
         $tmp = $tag_params;
         $tag_params = array();
         if (!empty($tmp)) {
-            $tag_params['onclick'] = 'return confirmLink(this, \'' . $tmp . '\')';
+            $tag_params['onclick'] = 'return confirmLink(this, \'' . PMA_escapeJsString($tmp) . '\')';
         }
         unset($tmp);
     }
diff --git a/translators.html b/translators.html
index 598e218..f390397 100644
--- a/translators.html
+++ b/translators.html
@@ -11,7 +11,7 @@
     <link rel="icon" href="./favicon.ico" type="image/x-icon" />
     <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>phpMyAdmin 3.3.8 - Official translators</title>
+    <title>phpMyAdmin 3.3.8.1 - Official translators</title>
     <link rel="stylesheet" type="text/css" href="docs.css" />
 </head>
 
@@ -19,7 +19,7 @@
 <div id="header">
     <h1>
         <a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a>
-        3.3.8 
+        3.3.8.1 
         official translators list
     </h1>
 </div>


hooks/post-receive
-- 
phpMyAdmin

More information about the Git mailing list