[phpMyAdmin Git] [phpmyadmin/phpmyadmin] 4141d6: Strip null bytes from MySQL username
Isaac Bennetch
bennetch at gmail.com
Fri Nov 25 07:15:24 CET 2016
Branch: refs/heads/MAINT_4_4_15
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: 4141d694eb212b676ccc768e61b4d4085566f0ed
https://github.com/phpmyadmin/phpmyadmin/commit/4141d694eb212b676ccc768e61b4d4085566f0ed
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M libraries/core.lib.php
M libraries/plugins/auth/AuthenticationCookie.class.php
M libraries/plugins/auth/AuthenticationHttp.class.php
Log Message:
-----------
Strip null bytes from MySQL username
In old PHP versions this could lead to allow/deny rules bypass.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 259694af9a3ce80bd17db04f46fb631693d929b8
https://github.com/phpmyadmin/phpmyadmin/commit/259694af9a3ce80bd17db04f46fb631693d929b8
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M libraries/ip_allow_deny.lib.php
Log Message:
-----------
Use hash_equals for comparing username in allow/deny rules
The comparison should happen in constant time to avoid possible leak of
usernames in rules.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: f02555fe948c655877d318f82073cc83e333d99c
https://github.com/phpmyadmin/phpmyadmin/commit/f02555fe948c655877d318f82073cc83e333d99c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M libraries/plugins/auth/AuthenticationCookie.class.php
M libraries/plugins/auth/AuthenticationHttp.class.php
Log Message:
-----------
Use hash_equals for checking username
This makes the comparison happen in constant time and makes it
impossible to use it to guess stored usernames.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 6735d83e10ae33a20153eb5516fb2f1963a594a7
https://github.com/phpmyadmin/phpmyadmin/commit/6735d83e10ae33a20153eb5516fb2f1963a594a7
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M libraries/VersionInformation.php
Log Message:
-----------
Silent errors when getting remote file
- both curl and fopen wrappers can emmit errors in cases where remote
site is not accessible
- do not pass false value to json_decode
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: ebcd746a2fc8b356e36c92fa6960d5f7256ebff0
https://github.com/phpmyadmin/phpmyadmin/commit/ebcd746a2fc8b356e36c92fa6960d5f7256ebff0
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M libraries/export.lib.php
Log Message:
-----------
Remove debugging code
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 5f40a46d24068484a5afe0bbb4ce4e5c8a6c6094
https://github.com/phpmyadmin/phpmyadmin/commit/5f40a46d24068484a5afe0bbb4ce4e5c8a6c6094
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M libraries/Error.class.php
M test/classes/PMA_Error_test.php
Log Message:
-----------
Strip path even if openbasedir restrictions apply
This really should not be the case here as what we get here is code
executed by PHP, so it should have already passed openbasedir
restrictions.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 55c26d0065e83b9899ba90afb49dd72415c8d7f5
https://github.com/phpmyadmin/phpmyadmin/commit/55c26d0065e83b9899ba90afb49dd72415c8d7f5
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M js/ajax.js
Log Message:
-----------
Store copy of hash instead of working on live object
This avoids possible race conditions when doing the checks.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 9b8094bb0d61da59f80a2f927011068c8e0f3069
https://github.com/phpmyadmin/phpmyadmin/commit/9b8094bb0d61da59f80a2f927011068c8e0f3069
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M libraries/navigation/NavigationHeader.class.php
Log Message:
-----------
Stricter validation of NavigationLogoLink
It now has to be URL including scheme. Otherwise it's not really
possible to validate it for being just http/https.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 94736885a66a5b28665d252d3062824fca99dd01
https://github.com/phpmyadmin/phpmyadmin/commit/94736885a66a5b28665d252d3062824fca99dd01
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M js/config.js
Log Message:
-----------
Fix hash validation
- use copy of hash to avoid race condition
- stricter regex to match whole string
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: fa3bcffd4e2e6d0d7f41f2ec0db2fe8d50a0635d
https://github.com/phpmyadmin/phpmyadmin/commit/fa3bcffd4e2e6d0d7f41f2ec0db2fe8d50a0635d
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-18 (Thu, 18 Aug 2016)
Changed paths:
M libraries/DBQbe.class.php
M libraries/SavedSearches.class.php
Log Message:
-----------
Limit maximal number of rows in QBE
User would be lost in them anyway by that count and it prevents DOS.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 18fdcd066467259a4fb866961dde73f7902c5e8c
https://github.com/phpmyadmin/phpmyadmin/commit/18fdcd066467259a4fb866961dde73f7902c5e8c
Author: Michal Čihař <michal at cihar.com>
Date: 2016-08-24 (Wed, 24 Aug 2016)
Changed paths:
M ChangeLog
M index.php
Log Message:
-----------
Do not show warning about short blowfish_secret if none is set
With empty blowfish_secret user would always get both warnings...
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 38e4f77a8b0010a774d18cac4d41b104bff4bc53
https://github.com/phpmyadmin/phpmyadmin/commit/38e4f77a8b0010a774d18cac4d41b104bff4bc53
Author: Michal Čihař <michal at cihar.com>
Date: 2016-09-02 (Fri, 02 Sep 2016)
Changed paths:
M import.php
Log Message:
-----------
Fix possible DOS on too big skip value
- loop only as long as long we have data to skip
- convert skip parameter to integer
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 499a61c7d831f424c1e68f734b587e6baa395634
https://github.com/phpmyadmin/phpmyadmin/commit/499a61c7d831f424c1e68f734b587e6baa395634
Author: Michal Čihař <michal at cihar.com>
Date: 2016-09-02 (Fri, 02 Sep 2016)
Changed paths:
M index.php
M libraries/core.lib.php
Log Message:
-----------
Stricter URL validation
- do not use empty() as empty('0') is true
- do not lowercase the strings, use them as they are
- lowercase all domains in our codebase
- do not allow to specify port
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 2cb51d22dba43f4a5d57d76ad8c734422db7c916
https://github.com/phpmyadmin/phpmyadmin/commit/2cb51d22dba43f4a5d57d76ad8c734422db7c916
Author: Michal Čihař <michal at cihar.com>
Date: 2016-09-02 (Fri, 02 Sep 2016)
Changed paths:
M libraries/ip_allow_deny.lib.php
Log Message:
-----------
Use hash_equals when comparing IPv6 allow rules
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 8ee12d39e568d46b358601be1217e5087f4acf75
https://github.com/phpmyadmin/phpmyadmin/commit/8ee12d39e568d46b358601be1217e5087f4acf75
Author: Michal Čihař <michal at cihar.com>
Date: 2016-09-19 (Mon, 19 Sep 2016)
Changed paths:
M libraries/plugins/AuthenticationPlugin.class.php
M libraries/plugins/auth/AuthenticationConfig.class.php
M libraries/plugins/auth/AuthenticationCookie.class.php
M libraries/plugins/auth/AuthenticationHttp.class.php
Log Message:
-----------
Verify value of access_time to avoid unwanted session extension
We need to ansure the access_time parameter is in valid range to avoid
possibility of remotely extending session validity.
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: e3f2c744916ebdd355f365eb350eed078e2542d7
https://github.com/phpmyadmin/phpmyadmin/commit/e3f2c744916ebdd355f365eb350eed078e2542d7
Author: Deven Bansod <devenbansod.bits at gmail.com>
Date: 2016-10-02 (Sun, 02 Oct 2016)
Changed paths:
M prefs_manage.php
Log Message:
-----------
Don't assume the default arg_separator in URL
Respect the value for arg_separator.input too.
Signed-off-by: Deven Bansod <devenbansod.bits at gmail.com>
Commit: 1fc004d1730b3ca1b857d005de8a3d00d50cfdb4
https://github.com/phpmyadmin/phpmyadmin/commit/1fc004d1730b3ca1b857d005de8a3d00d50cfdb4
Author: Michal Čihař <michal at cihar.com>
Date: 2016-10-04 (Tue, 04 Oct 2016)
Changed paths:
M libraries/core.lib.php
M test/libraries/core/PMA_safeUnserialize_test.php
Log Message:
-----------
Correctly parse string length when checking serialized data
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 6d7113776ce6384838b00112f821366a1b92de48
https://github.com/phpmyadmin/phpmyadmin/commit/6d7113776ce6384838b00112f821366a1b92de48
Author: Michal Čihař <michal at cihar.com>
Date: 2016-10-04 (Tue, 04 Oct 2016)
Changed paths:
M prefs_manage.php
Log Message:
-----------
Merge branch 'MAINT_4_4_15-security' of github.com:phpmyadmin/phpmyadmin-security into MAINT_4_4_15-security
Commit: 9d0b1915d61e7289d234d26e6bdba021027fda87
https://github.com/phpmyadmin/phpmyadmin/commit/9d0b1915d61e7289d234d26e6bdba021027fda87
Author: Deven Bansod <devenbansod.bits at gmail.com>
Date: 2016-10-11 (Tue, 11 Oct 2016)
Changed paths:
M libraries/tracking.lib.php
Log Message:
-----------
Manage new-lines and extra whitespaces properly
Signed-off-by: Deven Bansod <devenbansod.bits at gmail.com>
Commit: d69375ff75bf58cbc35130081973a9ecfaec7d52
https://github.com/phpmyadmin/phpmyadmin/commit/d69375ff75bf58cbc35130081973a9ecfaec7d52
Author: Deven Bansod <devenbansod.bits at gmail.com>
Date: 2016-10-11 (Tue, 11 Oct 2016)
Changed paths:
M libraries/Tracker.class.php
Log Message:
-----------
Manage new-lines and extra whitespaces properly
Signed-off-by: Deven Bansod <devenbansod.bits at gmail.com>
Commit: a9e3827b190c386fc6cc0389668545ff0e2b4fdb
https://github.com/phpmyadmin/phpmyadmin/commit/a9e3827b190c386fc6cc0389668545ff0e2b4fdb
Author: Deven Bansod <devenbansod.bits at gmail.com>
Date: 2016-11-08 (Tue, 08 Nov 2016)
Changed paths:
M libraries/core.lib.php
M test/libraries/core/PMA_sanitizeMySQLHost_test.php
Log Message:
-----------
Handle multiple `p:` while sanitizing MySQL hosts
Signed-off-by: Deven Bansod <devenbansod.bits at gmail.com>
Commit: 0748384685693e3ecf97b021ccab075e295d4d65
https://github.com/phpmyadmin/phpmyadmin/commit/0748384685693e3ecf97b021ccab075e295d4d65
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2016-11-24 (Thu, 24 Nov 2016)
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/Config.class.php
Log Message:
-----------
4.4.15.9 release and ChangeLog
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/39864227e7c3...074838468569
More information about the Git
mailing list