[phpMyAdmin Git] [phpmyadmin/phpmyadmin] b8f1e0: Escape SQL query for inline editing
Isaac Bennetch
bennetch at gmail.com
Mon Feb 29 21:32:46 CET 2016
Branch: refs/heads/MAINT_4_0_10
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: b8f1e0f325f8f32bd82af64111d8c2e9055a363c
https://github.com/phpmyadmin/phpmyadmin/commit/b8f1e0f325f8f32bd82af64111d8c2e9055a363c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths:
M js/functions.js
Log Message:
-----------
Escape SQL query for inline editing
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 73c8245a3d1893a710447957e28dcfb18d9b47ad
https://github.com/phpmyadmin/phpmyadmin/commit/73c8245a3d1893a710447957e28dcfb18d9b47ad
Author: Michal Čihař <michal at cihar.com>
Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths:
M libraries/Config.class.php
Log Message:
-----------
Urlencode hostname
This can come from the HTTP header, so we need to be sure to sanitize
it.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 0667ea8ac7519d7e642eade2686dc393d5faeae3
https://github.com/phpmyadmin/phpmyadmin/commit/0667ea8ac7519d7e642eade2686dc393d5faeae3
Author: Michal Čihař <michal at cihar.com>
Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths:
M file_echo.php
Log Message:
-----------
Use correct headers for json data
It was previously not marked as such what could potentially lead to
browsers doing some autodetection.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 45ecc10d18f47ad18c0b2e17139cc7b510e36da4
https://github.com/phpmyadmin/phpmyadmin/commit/45ecc10d18f47ad18c0b2e17139cc7b510e36da4
Author: Michal Čihař <michal at cihar.com>
Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths:
M libraries/tcpdf/tcpdf.php
Log Message:
-----------
Avoid skipping the SSL certificate check in TCPDF
This code is never used in phpMyAdmin, but we fix it just to avoid
potential security reports.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 155876b48f496d25353e0532763412b0e0dc754c
https://github.com/phpmyadmin/phpmyadmin/commit/155876b48f496d25353e0532763412b0e0dc754c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths:
M libraries/Config.class.php
Log Message:
-----------
Merge pull request #20 from phpmyadmin/xss-host
Urlencode hostname
Commit: 25a632a9f4e01f86b0a17644483d1e4c5cb91ad1
https://github.com/phpmyadmin/phpmyadmin/commit/25a632a9f4e01f86b0a17644483d1e4c5cb91ad1
Author: Michal Čihař <michal at cihar.com>
Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths:
M file_echo.php
Log Message:
-----------
Merge pull request #22 from phpmyadmin/json-response
Use correct headers for json data
Commit: e795141fba2246ad4123e7bd0b2a81c2b71f193d
https://github.com/phpmyadmin/phpmyadmin/commit/e795141fba2246ad4123e7bd0b2a81c2b71f193d
Author: Michal Čihař <michal at cihar.com>
Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths:
M ChangeLog
Log Message:
-----------
Add changes for security issues
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 7ddce5e39a4e12cd351732955394bc7055c280eb
https://github.com/phpmyadmin/phpmyadmin/commit/7ddce5e39a4e12cd351732955394bc7055c280eb
Author: Madhura Jayaratne <madhura.cj at gmail.com>
Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths:
M libraries/server_privileges.lib.php
Log Message:
-----------
Fix XSS in User accounts page
Signed-off-by: Madhura Jayaratne <madhura.cj at gmail.com>
Commit: fe3be9f4b9edd54dc39919e7dfeaaf4a67c1cf83
https://github.com/phpmyadmin/phpmyadmin/commit/fe3be9f4b9edd54dc39919e7dfeaaf4a67c1cf83
Author: Madhura Jayaratne <madhura.cj at gmail.com>
Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths:
M tbl_zoom_select.php
Log Message:
-----------
Fix XSS in zoom search
Signed-off-by: Madhura Jayaratne <madhura.cj at gmail.com>
Commit: b1cc43ee7f8607c80889570912c5a54b7409b4d1
https://github.com/phpmyadmin/phpmyadmin/commit/b1cc43ee7f8607c80889570912c5a54b7409b4d1
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2016-02-29 (Mon, 29 Feb 2016)
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/Config.class.php
Log Message:
-----------
4.0.10.15 release
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/945c58b9d2d8...b1cc43ee7f86
More information about the Git
mailing list