[Phpmyadmin-git] [SCM] phpMyAdmin branch, MAINT_3_3_10, updated. RELEASE_3_3_10_1-6-gab31a25

Marc Delisle lem9 at users.sourceforge.net
Sun Jul 3 02:54:53 CEST 2011


The branch, MAINT_3_3_10 has been updated
       via  ab31a2565f494c69e6b0d9a82a2932c7656592b5 (commit)
       via  5ee357a572866e730d83f56d6187a67c7c48e523 (commit)
       via  911a83393e5b7064084fd140889d0fb2f3166b99 (commit)
       via  ca74f480f119a53ef07ca40d2ab28f063cc89ec9 (commit)
       via  2e01647949df937040e73a94ce0bac0daecbdcf4 (commit)
       via  6e6e129f26295c83d67b74e202628a4b8bc49e54 (commit)
      from  6eae88e65f39347e480cf67008f3d98f19f47248 (commit)


- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                 |    6 ++++++
 Documentation.html                        |    4 ++--
 README                                    |    2 +-
 libraries/Config.class.php                |    2 +-
 libraries/auth/swekey/swekey.auth.lib.php |    5 ++---
 libraries/display_tbl.lib.php             |    2 +-
 libraries/server_synchronize.lib.php      |    2 +-
 setup/lib/ConfigFile.class.php            |    2 +-
 translators.html                          |    4 ++--
 9 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f207579..3816fdc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,12 @@ phpMyAdmin - ChangeLog
 $Id$
 $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $
 
+3.3.10.2 (2011-07-02)
+- [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-5
+- [security] Fixed possible code injection incase session variables are compromised, see PMASA-2011-6
+- [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
+- [security] Fixed filtering of a file path, which allowed for directory traversal, see PMASA-2011-8
+
 3.3.10.1 (2011-05-20)
 - [security] XSS on Tracking page
 
diff --git a/Documentation.html b/Documentation.html
index 7797037..89640a1 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -10,7 +10,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
     <link rel="icon" href="./favicon.ico" type="image/x-icon" />
     <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>phpMyAdmin 3.3.10.1 - Documentation</title>
+    <title>phpMyAdmin 3.3.10.2 - Documentation</title>
     <link rel="stylesheet" type="text/css" href="docs.css" />
 </head>
 
@@ -18,7 +18,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
 <div id="header">
     <h1>
         <a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a>
-        3.3.10.1 
+        3.3.10.2 
         Documentation
     </h1>
 </div>
diff --git a/README b/README
index 3e821bf..5bce68c 100644
--- a/README
+++ b/README
@@ -5,7 +5,7 @@ phpMyAdmin - Readme
 
   A set of PHP-scripts to manage MySQL over the web.
 
-  Version 3.3.10.1
+  Version 3.3.10.2
   ----------------
   http://www.phpmyadmin.net/
 
diff --git a/libraries/Config.class.php b/libraries/Config.class.php
index 614cc2e..79a006b 100644
--- a/libraries/Config.class.php
+++ b/libraries/Config.class.php
@@ -92,7 +92,7 @@ class PMA_Config
      */
     function checkSystem()
     {
-        $this->set('PMA_VERSION', '3.3.10.1');
+        $this->set('PMA_VERSION', '3.3.10.2');
         /**
          * @deprecated
          */
diff --git a/libraries/auth/swekey/swekey.auth.lib.php b/libraries/auth/swekey/swekey.auth.lib.php
index 3dbad75..2a790c4 100644
--- a/libraries/auth/swekey/swekey.auth.lib.php
+++ b/libraries/auth/swekey/swekey.auth.lib.php
@@ -263,11 +263,10 @@ function Swekey_login($input_name, $input_go)
 	}
 }
 
-if (strstr($_SERVER['QUERY_STRING'],'session_to_unset') != false)
+if (!empty($_GET['session_to_unset']))
 {
-    parse_str($_SERVER['QUERY_STRING']);
 	session_write_close();
-	session_id($session_to_unset);
+	session_id($_GET['session_to_unset']);
 	session_start();
 	$_SESSION = array();
 	session_write_close();
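Review bot: `session_id($_GET['session_to_unset'])` hands the raw query value to the session layer, so whatever the configured save handler happens to tolerate becomes a usable id; validate it against the session-id alphabet before the call, e.g. `if (!empty($_GET['session_to_unset']) && preg_match('/^[A-Za-z0-9,-]+$/', $_GET['session_to_unset']))`. Dropping parse_str() closes the variable-overwrite route, but the block still empties whichever session the request names, so a short comment stating that this is the intended Swekey reset and why it needs no further authorisation would help a later reader. The `session_write_close();` lines are tab-indented while the new `if` line uses spaces; match the rest of the file. The if block's closing brace lies outside the hunk.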
diff --git a/libraries/display_tbl.lib.php b/libraries/display_tbl.lib.php
index 7ef333d..186ce3e 100644
--- a/libraries/display_tbl.lib.php
+++ b/libraries/display_tbl.lib.php
@@ -1220,7 +1220,7 @@ function PMA_displayTableBody(&$dt_result, &$is_display, $map, $analyzed_sql) {
             if ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME']) {
 
                 if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) && isset($GLOBALS['mime_map'][$meta->name]['transformation']) && !empty($GLOBALS['mime_map'][$meta->name]['transformation'])) {
-                    $include_file = $GLOBALS['mime_map'][$meta->name]['transformation'];
+                    $include_file = PMA_securePath($GLOBALS['mime_map'][$meta->name]['transformation']);
 
                     if (file_exists('./libraries/transformations/' . $include_file)) {
                         $transformfunction_name = str_replace('.inc.php', '', $GLOBALS['mime_map'][$meta->name]['transformation']);
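Review bot: The sanitised `$include_file` is only used for the file_exists() check; the `$transformfunction_name` line on the last hunk line still derives its value from the raw `$GLOBALS['mime_map'][$meta->name]['transformation']`, so the function name gets none of the PMA_securePath() cleaning. Derive both from the same cleaned value: `$transformfunction_name = str_replace('.inc.php', '', $include_file);`. How the function name is used afterwards is outside the hunk; PMA_displayTableBody starts before and continues after it.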
diff --git a/libraries/server_synchronize.lib.php b/libraries/server_synchronize.lib.php
index 79948b9..646ef25 100644
--- a/libraries/server_synchronize.lib.php
+++ b/libraries/server_synchronize.lib.php
@@ -624,7 +624,7 @@ function PMA_createTargetTables($src_db, $trg_db, $src_link, $trg_link, &$uncomm
         $Create_Query = PMA_DBI_fetch_value("SHOW CREATE TABLE " . PMA_backquote($src_db) . '.' . PMA_backquote($uncommon_tables[$table_index]), 0, 1, $src_link);
 
         // Replace the src table name with a `dbname`.`tablename`
-        $Create_Table_Query = preg_replace('/' . PMA_backquote($uncommon_tables[$table_index]) . '/', 
+        $Create_Table_Query = preg_replace('/' . preg_quote(PMA_backquote($uncommon_tables[$table_index]), '/') . '/', 
                                             PMA_backquote($trg_db) . '.' .PMA_backquote($uncommon_tables[$table_index]),
                                             $Create_Query,
                                             $limit = 1
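Review bot: The replacement argument on the line after the changed pattern is still unescaped, so a table or database name containing `$` or `\` would be read by preg_replace() as a backreference rather than as literal text; pass it through `addcslashes(PMA_backquote($trg_db) . '.' . PMA_backquote($uncommon_tables[$table_index]), '\\$')`. The fourth argument `$limit = 1` is an assignment expression that leaves an unused local behind; write it as the plain literal `1`. PMA_createTargetTables starts before the hunk and continues after it.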
diff --git a/setup/lib/ConfigFile.class.php b/setup/lib/ConfigFile.class.php
index c0ff63d..978eba3 100644
--- a/setup/lib/ConfigFile.class.php
+++ b/setup/lib/ConfigFile.class.php
@@ -286,7 +286,7 @@ class ConfigFile
         if ($this->getServerCount() > 0) {
             $ret .= "/* Servers configuration */$crlf\$i = 0;" . $crlf . $crlf;
             foreach ($c['Servers'] as $id => $server) {
-                $ret .= '/* Server: ' . strtr($this->getServerName($id), '*/', '-') . " [$id] */" . $crlf
+                $ret .= '/* Server: ' . strtr($this->getServerName($id) . " [$id] ", '*/', '-') . "*/" . $crlf
                     . '$i++;' . $crlf;
                 foreach ($server as $k => $v) {
                     $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k);
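Review bot: The three-argument `strtr($s, '*/', '-')` on the changed line maps only `*` to `-`; because the replacement string is shorter than the search string, `/` is silently dropped from the mapping. That still keeps `*/` out of the generated comment, but the guarantee is accidental, so spell the mapping out so it survives editing: `strtr($this->getServerName($id) . " [$id] ", array('*' => '-', '/' => '-'))`. Moving `[$id]` inside the filtered span is the right direction, since a string server key would otherwise reach the comment unfiltered; whether keys can be strings is not visible here. The enclosing method starts before the hunk and continues after it.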
diff --git a/translators.html b/translators.html
index 3238f69..5ca2669 100644
--- a/translators.html
+++ b/translators.html
@@ -11,7 +11,7 @@
     <link rel="icon" href="./favicon.ico" type="image/x-icon" />
     <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>phpMyAdmin 3.3.10.1 - Official translators</title>
+    <title>phpMyAdmin 3.3.10.2 - Official translators</title>
     <link rel="stylesheet" type="text/css" href="docs.css" />
 </head>
 
@@ -19,7 +19,7 @@
 <div id="header">
     <h1>
         <a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a>
-        3.3.10.1 
+        3.3.10.2 
         official translators list
     </h1>
 </div>


hooks/post-receive
-- 
phpMyAdmin



