[phpMyAdmin Git] [phpmyadmin/phpmyadmin] d2dc94: Fix possible path existence disclossure

Michal Čihař michal at cihar.com
Fri Apr 29 15:47:35 CEST 2016 

  Branch: refs/heads/QA_4_6
  Home:   https://github.com/phpmyadmin/phpmyadmin
  Commit: d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8
      https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8
  Author: Michal Čihař <michal at cihar.com>
  Date:   2016-04-29 (Fri, 29 Apr 2016)

  Changed paths:
    M libraries/error_report.lib.php

  Log Message:
  -----------
  Fix possible path existence disclossure

On non released versions (where line counts are not precalculated) it
was possible to check for file existence due to limited checks for
supplied path.

Signed-off-by: Michal Čihař <michal at cihar.com>


  Commit: 8326aaebe54083d9726e153abdd303a141fe5ad3
      https://github.com/phpmyadmin/phpmyadmin/commit/8326aaebe54083d9726e153abdd303a141fe5ad3
  Author: Michal Čihař <michal at cihar.com>
  Date:   2016-04-29 (Fri, 29 Apr 2016)

  Changed paths:
    M changelog.php
    M libraries/core.lib.php

  Log Message:
  -----------
  Pass links to external sites in changelog through url.php

This avoids possible information disclossure in the links (token).

Signed-off-by: Michal Čihař <michal at cihar.com>


  Commit: 59e56bd63a5e023b797d82eb272cd074e3b4bfd1
      https://github.com/phpmyadmin/phpmyadmin/commit/59e56bd63a5e023b797d82eb272cd074e3b4bfd1
  Author: Michal Čihař <michal at cihar.com>
  Date:   2016-04-29 (Fri, 29 Apr 2016)

  Changed paths:
    M index.php
    M libraries/core.lib.php

  Log Message:
  -----------
  Pass link to demo server through url.php

Signed-off-by: Michal Čihař <michal at cihar.com>


  Commit: bdb20d14997a0ee543d7824f2a2410ed6aa82e02
      https://github.com/phpmyadmin/phpmyadmin/commit/bdb20d14997a0ee543d7824f2a2410ed6aa82e02
  Author: Michal Čihař <michal at cihar.com>
  Date:   2016-04-29 (Fri, 29 Apr 2016)

  Changed paths:
    M index.php

  Log Message:
  -----------
  Remove link to wiki

It's outdated and will be soon completely disabled.

Signed-off-by: Michal Čihař <michal at cihar.com>


  Commit: b2f77691e915feb3aed02862f6d559a1f4645c85
      https://github.com/phpmyadmin/phpmyadmin/commit/b2f77691e915feb3aed02862f6d559a1f4645c85
  Author: Michal Čihař <michal at cihar.com>
  Date:   2016-04-29 (Fri, 29 Apr 2016)

  Changed paths:
    M changelog.php
    M index.php

  Log Message:
  -----------
  Use https links where applicable

Signed-off-by: Michal Čihař <michal at cihar.com>


Compare: https://github.com/phpmyadmin/phpmyadmin/compare/94ec333a35f5...b2f77691e915

More information about the Git mailing list