Hello community, here is the log from the commit of package phpMyAdmin for openSUSE:Factory checked in at 2013-08-07 20:51:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/phpMyAdmin (Old) and /work/SRC/openSUSE:Factory/.phpMyAdmin.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "phpMyAdmin" Changes: -------- --- /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin.changes 2013-07-30 16:47:16.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.phpMyAdmin.new/phpMyAdmin.changes 2013-08-07 20:51:26.000000000 +0200 @@ -1,0 +2,32 @@ +Wed Aug 7 12:09:45 UTC 2013 - [email protected] + +- fix for bnc#833731 + * PMASA-2013-10 (CVE-2013-5029 CWE-661 CWE-693) + http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php + +------------------------------------------------------------------- +Mon Aug 5 21:51:23 UTC 2013 - [email protected] + +- update to 4.0.5 (2013-08-04) + + sf#3977 Not detected configuration storage + + sf#3970 Pressing enter in the filter field reloads page + + sf#3984 Cannot insert in this table (PHP < 5.4) + + sf#3989 Reloading privileges does not update the interface + + sf#3960 NavigationBarIconic config not honored + + sf#3985 Call to undefined function mb_detect_encoding + + sf#4007 Analyze option not shown for InnoDB tables + + sf#4015 Forcing a storage engine for configuration storage + + bug Incorrect Drizzle 7 detection + + sf#4019 Create database if not exists (export): add an option to the + interface to enable generating CREATE DATABASE and USE (false by default) + + sf#4012 Crash on CSV file import + + sf#4009 Statistic Monitor shows only last 3 digits in graph + + sf#3998 Non-permanent SQL history not working + + sf#3578 Transformations for text/plain on a BLOB column + + [security] Improved protection against cross framing, see PMASA-2013-10 + (CVE-2013-5029 CWE-661 CWE-693) + + Reinstated configuration directive: AllowThirdPartyFraming +- fix for bug sf#4038: PMASA-2013-8 not mentioned in 4.0.4.2 changes +- add CVEs to 4.0.4.2 changes + +------------------------------------------------------------------- @@ -6,6 +38,7 @@ - * fix for PMASA-2013-9 (CWE-661 CWE-79 CWE-80) - * fix for PMASA-2013-11 (CWE-300 CWE-79) - * fix for PMASA-2013-12 (CWE-661 CWE-200) - * fix for PMASA-2013-13 (CWE-661 CWE-79 CWE-80) - * fix for PMASA-2013-14 (CWE-661 CWE-79) - * fix for PMASA-2013-15 (CWE-661 CWE-89 CWE-269) + * fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79) + * fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80) + * fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79) + * fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200) + * fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80) + * fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79) + * fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269) @@ -12,0 +46 @@ + * [security] fix unescaped parameter, see PMASA-2013-8 Old: ---- phpMyAdmin-4.0.4.2-all-languages.tar.bz2 New: ---- phpMyAdmin-4.0.5-all-languages.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ phpMyAdmin.spec ++++++ --- /var/tmp/diff_new_pack.V5uMyY/_old 2013-08-07 20:51:27.000000000 +0200 +++ /var/tmp/diff_new_pack.V5uMyY/_new 2013-08-07 20:51:27.000000000 +0200 @@ -34,7 +34,7 @@ Summary: Administration of MySQL over the web License: GPL-2.0+ Group: Productivity/Networking/Web/Frontends -Version: 4.0.4.2 +Version: 4.0.5 Release: 0 Url: http://www.phpMyAdmin.net Source0: %{name}-%{version}-all-languages.tar.bz2 ++++++ phpMyAdmin-4.0.4.2-all-languages.tar.bz2 -> phpMyAdmin-4.0.5-all-languages.tar.bz2 ++++++ ++++ 58582 lines of diff (skipped) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
