[Phpmyadmin-git] [SCM] phpMyAdmin branch, QA_3_4, updated. RELEASE_3_4_4RC1-39-g4e89311
Marc Delisle
lem9 at users.sourceforge.net
Wed Aug 24 18:40:18 CEST 2011
The branch, QA_3_4 has been updated
via 4e89311089f9d63db39ba619bab8d0a6f5623204 (commit)
from 3b75f549f4a1f5e2ad45b5189f11496b4f70cccb (commit)
- Log -----------------------------------------------------------------
commit 4e89311089f9d63db39ba619bab8d0a6f5623204
Author: Marc Delisle <marc at infomarc.info>
Date: Wed Aug 24 12:38:50 2011 -0400
ChangeLog and 3.4.4 XSS fix
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 97b7ef350a..20e1751 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,7 +12,7 @@ phpMyAdmin - ChangeLog
- [import] Remove native Excel import modules (xls and xlsx formats)
- bug #3392920 [edit] BLOB emptied after editing another column
-3.4.4.0 (not yet released)
+3.4.4.0 (2011-08-24)
- bug #3323060 [parser] SQL parser breaks AJAX requests if query has unclosed quotes
- bug #3323101 [parser] Invalid escape sequence in SQL parser
- bug #3348995 [config] $cfg['Export']['asfile'] set to false does not select asText option
@@ -30,6 +30,7 @@ phpMyAdmin - ChangeLog
- bug #3372807 [interface] Fix security warning link in setup
- bug #3374347 [display] Backquotes in normal text on import page
- bug #3358750 [core] With Suhosin, urls are too long in edit links
+- [security] Missing sanitization on the table, column and index names leads to XSS vulnerabilities, see PMASA-2011-13
3.4.3.2 (2011-07-23)
- [security] Fixed XSS vulnerability, see PMASA-2011-9
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list