[phpMyAdmin Git] [phpmyadmin/phpmyadmin] 6943ff: Escape database name in URL
Isaac Bennetch
bennetch at gmail.com
Thu Jun 21 20:03:22 CEST 2018
Branch: refs/heads/master
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: 6943fff87324bd54c3a37a5160a5fb77498c355e
https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e
Author: William Desportes <williamdes at wdes.fr>
Date: 2018-06-19 (Tue, 19 Jun 2018)
Changed paths:
M js/designer/move.js
Log Message:
-----------
Escape database name in URL
Designer > new page shows iframe when db name is: "'"><iframe onload=alert(1)>
Signed-off-by: William Desportes <williamdes at wdes.fr>
Commit: ead0d0d98520ce0bc5251f58e52e0a3d1809b2fd
https://github.com/phpmyadmin/phpmyadmin/commit/ead0d0d98520ce0bc5251f58e52e0a3d1809b2fd
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-19 (Tue, 19 Jun 2018)
Changed paths:
M ChangeLog
Log Message:
-----------
ChangeLog entry for PMASA-2016-03, XSS in Designer.
This is commit 6943fff87324bd54c3a37a5160a5fb77498c355e, cherry-picked
from master.
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 7662d02939fb3cf6f0d9ec32ac664401dcfe7490
https://github.com/phpmyadmin/phpmyadmin/commit/7662d02939fb3cf6f0d9ec32ac664401dcfe7490
Author: Michal Čihař <michal at cihar.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
M index.php
M libraries/classes/Core.php
M test/classes/CoreTest.php
Log Message:
-----------
Avoid looking for ? when checking for file to be included
Signed-off-by: Michal Čihař <michal at cihar.com>
Commit: 536b214757ad99fec39aee977f192a25b6d13537
https://github.com/phpmyadmin/phpmyadmin/commit/536b214757ad99fec39aee977f192a25b6d13537
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
M index.php
M libraries/classes/Core.php
M test/classes/CoreTest.php
Log Message:
-----------
Merge pull request #14418 from nijel/page_validity
Avoid looking for ? when checking for file to be included
Commit: 26c6e87682ec0e1e35b8cc5dd03569e55c763dd8
https://github.com/phpmyadmin/phpmyadmin/commit/26c6e87682ec0e1e35b8cc5dd03569e55c763dd8
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
M ChangeLog
M js/designer/move.js
Log Message:
-----------
Merge remote-tracking branch 'security/QA_4_8-security' into QA_4_8
Commit: 2867a95523e533ec30fa63149fd18e6cc5e9cc16
https://github.com/phpmyadmin/phpmyadmin/commit/2867a95523e533ec30fa63149fd18e6cc5e9cc16
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
M ChangeLog
Log Message:
-----------
Update Changelog for RCE/file inclusion security issue
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: d363fa02c6d51efa2ca07fd052cbec0377703293
https://github.com/phpmyadmin/phpmyadmin/commit/d363fa02c6d51efa2ca07fd052cbec0377703293
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/classes/Config.php
Log Message:
-----------
Prepare for version 4.8.2
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 3115f340b933ab95e75785af02d6d497a04f47b3
https://github.com/phpmyadmin/phpmyadmin/commit/3115f340b933ab95e75785af02d6d497a04f47b3
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
A composer.lock
Log Message:
-----------
Adding composer lock for 4.8.2
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 064f6cc0ec62aeb18dc93c52b42ece6244fa9d09
https://github.com/phpmyadmin/phpmyadmin/commit/064f6cc0ec62aeb18dc93c52b42ece6244fa9d09
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
R composer.lock
Log Message:
-----------
Removing composer.lock
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 42f36cce395eade401155e51cd15900b86bcec70
https://github.com/phpmyadmin/phpmyadmin/commit/42f36cce395eade401155e51cd15900b86bcec70
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/classes/Config.php
Log Message:
-----------
Prepare for version 4.8.3-dev
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: d1360f46cef76c5182116eb2b8fdbab1b20e687a
https://github.com/phpmyadmin/phpmyadmin/commit/d1360f46cef76c5182116eb2b8fdbab1b20e687a
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
M ChangeLog
M index.php
M libraries/classes/Core.php
M test/classes/CoreTest.php
Log Message:
-----------
Merge branch 'QA_4_8'
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: dcf434b635a60ff69bf84754221d6dfb85338e83
https://github.com/phpmyadmin/phpmyadmin/commit/dcf434b635a60ff69bf84754221d6dfb85338e83
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2018-06-21 (Thu, 21 Jun 2018)
Changed paths:
M libraries/classes/Core.php
M test/classes/CoreTest.php
Log Message:
-----------
Fixup from merge
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Compare: https://github.com/phpmyadmin/phpmyadmin/compare/168bfee6b59b...dcf434b635a6
**NOTE:** This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the Git
mailing list