[phpMyAdmin Git] [phpmyadmin/phpmyadmin] c1ecaf: Fix security issue, escape database name when saving page on designer
William Desportes
williamdes at wdes.fr
Tue Jun 4 18:23:41 CEST 2019
Branch: refs/heads/master
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: c1ecafc38319e8f768c9259d4d580e42acd5ee86
https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86
Author: William Desportes <williamdes at wdes.fr>
Date: 2019-03-30 (Sat, 03 March 2019) +01:00
Changed paths:
M js/designer/move.js
Log Message:
-----------
Fix security issue, escape database name when saving page on designer
Signed-off-by: William Desportes <williamdes at wdes.fr>
Commit: 015c404038c44279d95b6430ee5a0dddc97691ec
https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec
Author: MaurĂcio Meneghini Fauth <mauricio at fauth.dev>
Date: 2019-06-01 (Sat, 06 June 2019) -03:00
Changed paths:
M libraries/classes/Plugins/Auth/AuthenticationCookie.php
M libraries/common.inc.php
M test/classes/Plugins/Auth/AuthenticationCookieTest.php
Log Message:
-----------
Retrieve parameters from $_POST in AuthenticationCookie plugin
Retrieves pma_username and pma_password parameters from $_POST instead of $_REQUEST
Signed-off-by: MaurĂcio Meneghini Fauth <mauricio at fauth.dev>
Commit: 034538e0c6fe52bbd55a4f14c7e2ccbd3aad7efa
https://github.com/phpmyadmin/phpmyadmin/commit/034538e0c6fe52bbd55a4f14c7e2ccbd3aad7efa
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-03 (Mon, 06 June 2019) -04:00
Changed paths:
M doc/faq.rst
Log Message:
-----------
Update FAQ 4.8 to reflect removing pma_username and pma_password due to the security flaw reported in PMASA-2019-4
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 4b5e04d0a1ab0956d21ede85b6c1faf517b555b3
https://github.com/phpmyadmin/phpmyadmin/commit/4b5e04d0a1ab0956d21ede85b6c1faf517b555b3
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M doc/faq.rst
M libraries/classes/Plugins/Auth/AuthenticationCookie.php
M libraries/common.inc.php
M test/classes/Plugins/Auth/AuthenticationCookieTest.php
Log Message:
-----------
Merge pull request #277 from phpmyadmin/security/issue-276
Fix CSRF Vulnerability in login form
Commit: 8108eb7ded1b60863d5fa2d4125fcb805f6e0ae6
https://github.com/phpmyadmin/phpmyadmin/commit/8108eb7ded1b60863d5fa2d4125fcb805f6e0ae6
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M doc/faq.rst
M libraries/classes/Plugins/Auth/AuthenticationCookie.php
M libraries/common.inc.php
M test/classes/Plugins/Auth/AuthenticationCookieTest.php
Log Message:
-----------
Merge remote-tracking branch 'security/QA_4_8-security' into QA_4_8
Commit: 5fba0171273317ca7ba3a19bfd0afac38b815ab2
https://github.com/phpmyadmin/phpmyadmin/commit/5fba0171273317ca7ba3a19bfd0afac38b815ab2
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M ChangeLog
Log Message:
-----------
ChangeLog for security issues
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 519c32bc08f2d8fb15b38044920a5e13cc82b0ab
https://github.com/phpmyadmin/phpmyadmin/commit/519c32bc08f2d8fb15b38044920a5e13cc82b0ab
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/classes/Config.php
M package.json
Log Message:
-----------
Prepare for release 4.9.0
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 10a2b2e01f80a0d18a408a7662217d0e6055482e
https://github.com/phpmyadmin/phpmyadmin/commit/10a2b2e01f80a0d18a408a7662217d0e6055482e
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M themes/original/theme.json
M themes/pmahomme/theme.json
Log Message:
-----------
Make themes compatible with 4.9
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 4ab33481be875d188d5e5c0860dd1499cd92e9d3
https://github.com/phpmyadmin/phpmyadmin/commit/4ab33481be875d188d5e5c0860dd1499cd92e9d3
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
A composer.lock
Log Message:
-----------
Adding composer lock for 4.9.0
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 114bc0f0bf31b4af82c36056190f879473f1125a
https://github.com/phpmyadmin/phpmyadmin/commit/114bc0f0bf31b4af82c36056190f879473f1125a
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
D composer.lock
Log Message:
-----------
Removing composer.lock
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 712e4a2d98113a4eee08cc9d41939735bd91b1d4
https://github.com/phpmyadmin/phpmyadmin/commit/712e4a2d98113a4eee08cc9d41939735bd91b1d4
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/classes/Config.php
Log Message:
-----------
Prepare for 4.9.1-dev
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: e73c92d92d84f717d6d9983f45f743430b3f1611
https://github.com/phpmyadmin/phpmyadmin/commit/e73c92d92d84f717d6d9983f45f743430b3f1611
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M ChangeLog
M doc/faq.rst
M libraries/classes/Plugins/Auth/AuthenticationCookie.php
M libraries/common.inc.php
M test/classes/Plugins/Auth/AuthenticationCookieTest.php
Log Message:
-----------
Fix merge conflicts
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 7cb6e69186bee275a449b29f56ce241aebfdbfa2
https://github.com/phpmyadmin/phpmyadmin/commit/7cb6e69186bee275a449b29f56ce241aebfdbfa2
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M js/designer/move.js
Log Message:
-----------
Merge remote-tracking branch 'security/security/designer/save-page' into QA_4_8
Commit: 004848d93f974236ed6d8d58f5fc18d006a6e53c
https://github.com/phpmyadmin/phpmyadmin/commit/004848d93f974236ed6d8d58f5fc18d006a6e53c
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/classes/Config.php
Log Message:
-----------
Prepare version 4.9.0.1
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: c60a750764b8a4b927b15e03640908ef751089d7
https://github.com/phpmyadmin/phpmyadmin/commit/c60a750764b8a4b927b15e03640908ef751089d7
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
A composer.lock
Log Message:
-----------
Adding composer lock for 4.9.0.1
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: a5f19ea80d0ceefbdca241664cb8b90a62e16890
https://github.com/phpmyadmin/phpmyadmin/commit/a5f19ea80d0ceefbdca241664cb8b90a62e16890
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
D composer.lock
Log Message:
-----------
Removing composer.lock
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: e7b73831e5b0a896d2dbd27f66b4ed7d5b4d1130
https://github.com/phpmyadmin/phpmyadmin/commit/e7b73831e5b0a896d2dbd27f66b4ed7d5b4d1130
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M README
M doc/conf.py
M libraries/classes/Config.php
Log Message:
-----------
Prepare for version 4.9.1
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
Commit: 465005fe75180a380e325506a12986ecb2451cb5
https://github.com/phpmyadmin/phpmyadmin/commit/465005fe75180a380e325506a12986ecb2451cb5
Author: Isaac Bennetch <bennetch at gmail.com>
Date: 2019-06-04 (Tue, 06 June 2019) -04:00
Changed paths:
M ChangeLog
M js/designer/move.js
Log Message:
-----------
Fix merge conflicts
Signed-off-by: Isaac Bennetch <bennetch at gmail.com>
More information about the Git
mailing list