commit phpMyAdmin for openSUSE:Factory

Thu, 12 Apr 2012 00:46:53 -0700 

Hello community,

here is the log from the commit of package phpMyAdmin for openSUSE:Factory 
checked in at 2012-04-12 09:45:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/phpMyAdmin (Old)
 and      /work/SRC/openSUSE:Factory/.phpMyAdmin.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "phpMyAdmin", Maintainer is "[email protected]"

Changes:
--------
--- /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin.changes    2012-03-06 
13:41:07.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.phpMyAdmin.new/phpMyAdmin.changes       
2012-04-12 09:45:46.000000000 +0200
@@ -1,0 +2,8 @@
+Mon Apr  2 10:14:55 UTC 2012 - [email protected]
+
+- update to 3.4.10.2 (fix for bnc#755211)
+  - [security] Fixed local path disclosure vulnerability,
+    see PMASA-2012-2
+    http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php
+
+-------------------------------------------------------------------

Old:
----
  phpMyAdmin-3.4.10.1-all-languages.tar.bz2

New:
----
  phpMyAdmin-3.4.10.2-all-languages.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ phpMyAdmin.spec ++++++
--- /var/tmp/diff_new_pack.59yXY6/_old  2012-04-12 09:45:47.000000000 +0200
+++ /var/tmp/diff_new_pack.59yXY6/_new  2012-04-12 09:45:47.000000000 +0200
@@ -16,7 +16,6 @@
 #
 
 
-
 Name:           phpMyAdmin
 
 %define apxs %{_sbindir}/apxs2
@@ -35,7 +34,7 @@
 Summary:        Administration of MySQL over the web
 License:        GPL-2.0+
 Group:          Productivity/Networking/Web/Frontends
-Version:        3.4.10.1
+Version:        3.4.10.2
 Release:        0
 Url:            http://www.phpMyAdmin.net
 Source0:        %{name}-%{version}-all-languages.tar.bz2

++++++ phpMyAdmin-3.4.10.1-all-languages.tar.bz2 -> 
phpMyAdmin-3.4.10.2-all-languages.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.10.1-all-languages/ChangeLog 
new/phpMyAdmin-3.4.10.2-all-languages/ChangeLog
--- old/phpMyAdmin-3.4.10.1-all-languages/ChangeLog     2012-02-18 
13:26:45.000000000 +0100
+++ new/phpMyAdmin-3.4.10.2-all-languages/ChangeLog     2012-03-28 
18:50:38.000000000 +0200
@@ -1,6 +1,9 @@
 phpMyAdmin - ChangeLog
 ======================
 
+3.4.10.2 (2012-03-28)
+- [security] Fixed local path disclosure vulnerability, see PMASA-2012-2
+
 3.4.10.1 (2012-02-18)
 - [security] XSS in replication setup, see PMASA-2012-1
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.10.1-all-languages/Documentation.html 
new/phpMyAdmin-3.4.10.2-all-languages/Documentation.html
--- old/phpMyAdmin-3.4.10.1-all-languages/Documentation.html    2012-02-18 
13:26:45.000000000 +0100
+++ new/phpMyAdmin-3.4.10.2-all-languages/Documentation.html    2012-03-28 
18:50:38.000000000 +0200
@@ -9,7 +9,7 @@
     <link rel="icon" href="./favicon.ico" type="image/x-icon" />
     <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>phpMyAdmin 3.4.10.1 - Documentation</title>
+    <title>phpMyAdmin 3.4.10.2 - Documentation</title>
     <link rel="stylesheet" type="text/css" href="docs.css" />
 </head>
 
@@ -17,7 +17,7 @@
 <div id="header">
     <h1>
         <a href="http://www.phpmyadmin.net/";>php<span 
class="myadmin">MyAdmin</span></a>
-        3.4.10.1
+        3.4.10.2
         Documentation
     </h1>
 </div>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.10.1-all-languages/Documentation.txt 
new/phpMyAdmin-3.4.10.2-all-languages/Documentation.txt
--- old/phpMyAdmin-3.4.10.1-all-languages/Documentation.txt     2012-02-18 
13:26:45.000000000 +0100
+++ new/phpMyAdmin-3.4.10.2-all-languages/Documentation.txt     2012-03-28 
18:50:38.000000000 +0200
@@ -1,4 +1,4 @@
-phpMyAdmin 3.4.10.1 Documentation
+phpMyAdmin 3.4.10.2 Documentation
 
   * Top
   * Requirements
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.10.1-all-languages/README 
new/phpMyAdmin-3.4.10.2-all-languages/README
--- old/phpMyAdmin-3.4.10.1-all-languages/README        2012-02-18 
13:26:45.000000000 +0100
+++ new/phpMyAdmin-3.4.10.2-all-languages/README        2012-03-28 
18:50:38.000000000 +0200
@@ -1,7 +1,7 @@
 phpMyAdmin - Readme
 ===================
 
-Version 3.4.10.1
+Version 3.4.10.2
 
 A set of PHP-scripts to manage MySQL over the web.
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.10.1-all-languages/RELEASE-DATE-3.4.10.1 
new/phpMyAdmin-3.4.10.2-all-languages/RELEASE-DATE-3.4.10.1
--- old/phpMyAdmin-3.4.10.1-all-languages/RELEASE-DATE-3.4.10.1 2012-02-18 
13:26:45.000000000 +0100
+++ new/phpMyAdmin-3.4.10.2-all-languages/RELEASE-DATE-3.4.10.1 1970-01-01 
01:00:00.000000000 +0100
@@ -1 +0,0 @@
-Sat Feb 18 12:25:36 UTC 2012
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.10.1-all-languages/RELEASE-DATE-3.4.10.2 
new/phpMyAdmin-3.4.10.2-all-languages/RELEASE-DATE-3.4.10.2
--- old/phpMyAdmin-3.4.10.1-all-languages/RELEASE-DATE-3.4.10.2 1970-01-01 
01:00:00.000000000 +0100
+++ new/phpMyAdmin-3.4.10.2-all-languages/RELEASE-DATE-3.4.10.2 2012-03-28 
18:50:38.000000000 +0200
@@ -0,0 +1 @@
+Wed Mar 28 16:49:29 UTC 2012
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.10.1-all-languages/libraries/Config.class.php 
new/phpMyAdmin-3.4.10.2-all-languages/libraries/Config.class.php
--- old/phpMyAdmin-3.4.10.1-all-languages/libraries/Config.class.php    
2012-02-18 13:26:45.000000000 +0100
+++ new/phpMyAdmin-3.4.10.2-all-languages/libraries/Config.class.php    
2012-03-28 18:50:38.000000000 +0200
@@ -96,7 +96,7 @@
      */
     function checkSystem()
     {
-        $this->set('PMA_VERSION', '3.4.10.1');
+        $this->set('PMA_VERSION', '3.4.10.2');
         /**
          * @deprecated
          */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.10.1-all-languages/show_config_errors.php 
new/phpMyAdmin-3.4.10.2-all-languages/show_config_errors.php
--- old/phpMyAdmin-3.4.10.1-all-languages/show_config_errors.php        
2012-02-18 13:26:45.000000000 +0100
+++ new/phpMyAdmin-3.4.10.2-all-languages/show_config_errors.php        
2012-03-28 18:50:38.000000000 +0200
@@ -14,6 +14,8 @@
 /**
  * Read config file.
  */
-require CONFIG_FILE;
+if (is_readable(CONFIG_FILE)) {
+    require CONFIG_FILE;
+}
 
 ?>

-- 
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to