[Phpmyadmin-git] [SCM] phpMyAdmin branch, TESTING, updated. RELEASE_3_4_3_1-39-g50efb55

Marc Delisle lem9 at users.sourceforge.net
Sun Jul 3 03:23:36 CEST 2011


The branch, TESTING has been updated
       via  50efb55a96643e997120a88e06b1a854b2feebd7 (commit)
       via  e214683f9fe4955dcbf0ffce045983728c7fa9d3 (commit)
       via  b434320eff8ca9c2fc1b043c1804f868341af9a7 (commit)
       via  69fb0f8e7dc38075427aceaf09bcac697d0590ff (commit)
       via  0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f (commit)
       via  7ebd958b2bf59f96fecd5b3322bdbd0b244a7967 (commit)
      from  dfae6aa3ee78806160113cb221ba1249d5b6fdf9 (commit)


- Log -----------------------------------------------------------------
commit 50efb55a96643e997120a88e06b1a854b2feebd7
Merge: dfae6aa3ee78806160113cb221ba1249d5b6fdf9 e214683f9fe4955dcbf0ffce045983728c7fa9d3
Author: Marc Delisle <marc at infomarc.info>
Date:   Sat Jul 2 21:19:06 2011 -0400

    Merge branch 'MAINT_3_4_3' into TESTING

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                 |   18 ++++++++++++------
 Documentation.html                        |    4 ++--
 README                                    |    2 +-
 libraries/Config.class.php                |    2 +-
 libraries/auth/swekey/swekey.auth.lib.php |    5 ++---
 libraries/display_tbl.lib.php             |    2 +-
 libraries/server_synchronize.lib.php      |    2 +-
 setup/lib/ConfigGenerator.class.php       |    2 +-
 8 files changed, 21 insertions(+), 16 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index ee33037..28a5ee0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,12 @@
 phpMyAdmin - ChangeLog
 ======================
 
+3.4.3.1 (2011-07-02)
+- [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-5
+- [security] Fixed possible code injection incase session variables are compromised, see PMASA-2011-6
+- [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
+- [security] Fixed filtering of a file path, which allowed for directory traversal, see PMASA-2011-8
+
 3.4.3.0 (2011-06-27)
 - bug #3311170 [sync] Missing helper icons in Synchronize
 - patch #3304473 [setup] Redefine a lable that was wrong
@@ -89,7 +95,7 @@ phpMyAdmin - ChangeLog
 + patch #2974341 [structure] Clicking on table name in db Structure should 
   Browse the table if possible, thanks to bhdouglass - dougboybhd
 + patch #2975533 [search] New search operators, thanks to
-  Martynas Mickevičius
+  Martynas Mickevičius
 + patch #2967320 [designer] Colored relations based on the primary key,
   thanks to GreenRover - greenrover
 - [core] Provide way for vendors to easily change paths to config files.
@@ -246,7 +252,7 @@ phpMyAdmin - ChangeLog
 
 3.3.7.0 (2010-09-07)
 - patch #3050492 [PDF scratchboard] Cannot drag table box to the edge after
-  a page size increase, thanks to Martin Schönberger - mad05
+  a page size increase, thanks to Martin Schönberger - mad05
 
 3.3.6.0 (2010-08-28)
 - bug #3033063 [core] Navi gets wrong db name
@@ -267,7 +273,7 @@ phpMyAdmin - ChangeLog
 
 3.3.5.0 (2010-07-26)
 - patch #2932113 [information_schema] Slow export when having lots of
-  databases, thanks to Stéphane Pontier - shadow_walker
+  databases, thanks to Stéphane Pontier - shadow_walker
 - bug #3022705 [import] Import button does not work in Catalan when there
   is no progress bar possible
 - bug [replication] Do not offer information_schema in the list of databases
@@ -307,9 +313,9 @@ phpMyAdmin - ChangeLog
 - patch #2984893 [engines] InnoDB storage page emits a warning,
   thanks to Madhura Jayaratne - madhuracj
 - bug #2974687, bug #2974692 [compatibility] PHPExcel : IBM AIX iconv() does not work,
-  thanks to Björn Wiberg - bwiberg
+  thanks to Björn Wiberg - bwiberg
 - bug #2983066 [interface] Flush table on table operations shows the query twice, 
-  thanks to Martynas Mickevičius - BlinK_
+  thanks to Martynas Mickevičius - BlinK_
 - bug #2983060, patch #2987900 [interface] Fix initial state of tables in
   designer, thanks to Sutharshan Balachandren.
 - bug #2983062, patch #2989408 [engines] Fix warnings when changing table
@@ -388,7 +394,7 @@ phpMyAdmin - ChangeLog
 + rfe #2839504 [engines] Support InnoDB plugin's new row formats 
 + [core] Added ability for synchronizing databases among servers.
 + [lang] #2843101 Dutch update, thanks to scavenger2008
-+ [lang] Galician update, thanks to Xosé Calvo - xosecalvo
++ [lang] Galician update, thanks to Xosé Calvo - xosecalvo
 + [export] Added MediaWiki export module,
   thanks to Derek Schaefer - drummingds1
 + [lang] Turkish update, thanks to Burak Yavuz
diff --git a/Documentation.html b/Documentation.html
index 576c1f0..25b9731 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -9,7 +9,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
     <link rel="icon" href="./favicon.ico" type="image/x-icon" />
     <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>phpMyAdmin 3.4.3 - Documentation</title>
+    <title>phpMyAdmin 3.4.3.1 - Documentation</title>
     <link rel="stylesheet" type="text/css" href="docs.css" />
 </head>
 
@@ -17,7 +17,7 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78
 <div id="header">
     <h1>
         <a href="http://www.phpmyadmin.net/">php<span class="myadmin">MyAdmin</span></a>
-        3.4.3
+        3.4.3.1
         Documentation
     </h1>
 </div>
diff --git a/README b/README
index 02ad016..e57152a 100644
--- a/README
+++ b/README
@@ -1,7 +1,7 @@
 phpMyAdmin - Readme
 ===================
 
-Version 3.4.3
+Version 3.4.3.1
 
 A set of PHP-scripts to manage MySQL over the web.
 
diff --git a/libraries/Config.class.php b/libraries/Config.class.php
index cd1a0bf..28625f2 100644
--- a/libraries/Config.class.php
+++ b/libraries/Config.class.php
@@ -96,7 +96,7 @@ class PMA_Config
      */
     function checkSystem()
     {
-        $this->set('PMA_VERSION', '3.4.3');
+        $this->set('PMA_VERSION', '3.4.3.1');
         /**
          * @deprecated
          */
diff --git a/libraries/auth/swekey/swekey.auth.lib.php b/libraries/auth/swekey/swekey.auth.lib.php
index d2ec1b1..c5f613b 100644
--- a/libraries/auth/swekey/swekey.auth.lib.php
+++ b/libraries/auth/swekey/swekey.auth.lib.php
@@ -263,11 +263,10 @@ function Swekey_login($input_name, $input_go)
 	}
 }
 
-if (strstr($_SERVER['QUERY_STRING'],'session_to_unset') != false)
+if (!empty($_GET['session_to_unset']))
 {
-    parse_str($_SERVER['QUERY_STRING']);
 	session_write_close();
-	session_id($session_to_unset);
+	session_id($_GET['session_to_unset']);
 	session_start();
 	$_SESSION = array();
 	session_write_close();
diff --git a/libraries/display_tbl.lib.php b/libraries/display_tbl.lib.php
index 64a0383..c7d74ef 100644
--- a/libraries/display_tbl.lib.php
+++ b/libraries/display_tbl.lib.php
@@ -1308,7 +1308,7 @@ function PMA_displayTableBody(&$dt_result, &$is_display, $map, $analyzed_sql) {
             if ($GLOBALS['cfgRelation']['mimework'] && $GLOBALS['cfg']['BrowseMIME']) {
 
                 if (isset($GLOBALS['mime_map'][$meta->name]['mimetype']) && isset($GLOBALS['mime_map'][$meta->name]['transformation']) && !empty($GLOBALS['mime_map'][$meta->name]['transformation'])) {
-                    $include_file = $GLOBALS['mime_map'][$meta->name]['transformation'];
+                    $include_file = PMA_securePath($GLOBALS['mime_map'][$meta->name]['transformation']);
 
                     if (file_exists('./libraries/transformations/' . $include_file)) {
                         $transformfunction_name = str_replace('.inc.php', '', $GLOBALS['mime_map'][$meta->name]['transformation']);
diff --git a/libraries/server_synchronize.lib.php b/libraries/server_synchronize.lib.php
index ba6f813..c9f1242 100644
--- a/libraries/server_synchronize.lib.php
+++ b/libraries/server_synchronize.lib.php
@@ -624,7 +624,7 @@ function PMA_createTargetTables($src_db, $trg_db, $src_link, $trg_link, &$uncomm
         $Create_Query = PMA_DBI_fetch_value("SHOW CREATE TABLE " . PMA_backquote($src_db) . '.' . PMA_backquote($uncommon_tables[$table_index]), 0, 1, $src_link);
 
         // Replace the src table name with a `dbname`.`tablename`
-        $Create_Table_Query = preg_replace('/' . PMA_backquote($uncommon_tables[$table_index]) . '/', 
+        $Create_Table_Query = preg_replace('/' . preg_quote(PMA_backquote($uncommon_tables[$table_index]), '/') . '/', 
                                             PMA_backquote($trg_db) . '.' .PMA_backquote($uncommon_tables[$table_index]),
                                             $Create_Query,
                                             $limit = 1
diff --git a/setup/lib/ConfigGenerator.class.php b/setup/lib/ConfigGenerator.class.php
index 95c3325..e33775e 100644
--- a/setup/lib/ConfigGenerator.class.php
+++ b/setup/lib/ConfigGenerator.class.php
@@ -39,7 +39,7 @@ class ConfigGenerator
         if ($cf->getServerCount() > 0) {
             $ret .= "/* Servers configuration */$crlf\$i = 0;" . $crlf . $crlf;
             foreach ($c['Servers'] as $id => $server) {
-                $ret .= '/* Server: ' . strtr($cf->getServerName($id), '*/', '-') . " [$id] */" . $crlf
+                $ret .= '/* Server: ' . strtr($cf->getServerName($id) . " [$id] ", '*/', '-') . "*/" . $crlf
                     . '$i++;' . $crlf;
                 foreach ($server as $k => $v) {
                     $k = preg_replace('/[^A-Za-z0-9_]/', '_', $k);


hooks/post-receive
-- 
phpMyAdmin




More information about the Git mailing list