Branch: refs/heads/master
  Home:   https://github.com/phpmyadmin/phpmyadmin
  Commit: d76496ba1d11de13ba1f982a462e014f9d923b29
      
https://github.com/phpmyadmin/phpmyadmin/commit/d76496ba1d11de13ba1f982a462e014f9d923b29
  Author: Isaac Bennetch <benne...@gmail.com>
  Date:   2016-06-14 (Tue, 14 Jun 2016)

  Changed paths:
    M ChangeLog
    M libraries/config/FormDisplay.php

  Log Message:
  -----------
  Setup script did not properly use input type password in all cases

Signed-off-by: Isaac Bennetch <benne...@gmail.com>


  Commit: 72213573182896bd6a6e5af5ba1881dd87c4a20b
      
https://github.com/phpmyadmin/phpmyadmin/commit/72213573182896bd6a6e5af5ba1881dd87c4a20b
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-15 (Wed, 15 Jun 2016)

  Changed paths:
    M templates/table/structure/display_table_stats.phtml

  Log Message:
  -----------
  Fix XSS on table structure

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 03f73d48369703e0d3584699b08e24891c3295b8
      
https://github.com/phpmyadmin/phpmyadmin/commit/03f73d48369703e0d3584699b08e24891c3295b8
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-15 (Wed, 15 Jun 2016)

  Changed paths:
    M libraries/server_privileges.lib.php

  Log Message:
  -----------
  Fix XSS on server privileges

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 55db1256c5d6e27c2d9fbd78e9c6f9fc11fe8571
      
https://github.com/phpmyadmin/phpmyadmin/commit/55db1256c5d6e27c2d9fbd78e9c6f9fc11fe8571
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-15 (Wed, 15 Jun 2016)

  Changed paths:
    M ChangeLog
    M libraries/config/FormDisplay.php

  Log Message:
  -----------
  Merge pull request #48 from phpmyadmin/security-45

Fix issue #45 input types in setup script


  Commit: 19eef4eebb528dcce0ec922947f9ee9da3b2a2b8
      
https://github.com/phpmyadmin/phpmyadmin/commit/19eef4eebb528dcce0ec922947f9ee9da3b2a2b8
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-15 (Wed, 15 Jun 2016)

  Changed paths:
    M test/libraries/PMA_user_preferences_test.php

  Log Message:
  -----------
  Merge branch 'QA_4_6' into QA_4_6-security


  Commit: 5633b1d57b23ddaa5a9a976a323c90c18d9be03d
      
https://github.com/phpmyadmin/phpmyadmin/commit/5633b1d57b23ddaa5a9a976a323c90c18d9be03d
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-15 (Wed, 15 Jun 2016)

  Changed paths:
    M setup/frames/index.inc.php

  Log Message:
  -----------
  Use javascript for redirection to https

The current approach is broken since whitelisting is active in url.php
and also allows potential bbcode injection.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 4767f24ea4c1e3822ce71a636c341e8ad8d07aa6
      
https://github.com/phpmyadmin/phpmyadmin/commit/4767f24ea4c1e3822ce71a636c341e8ad8d07aa6
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-15 (Wed, 15 Jun 2016)

  Changed paths:
    M js/get_scripts.js.php

  Log Message:
  -----------
  Limit number of included scripts in get_scripts.js.php

This avoids potential DOS, the limit is same as we use for generating
the URLs.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 27caf5b46bd0890e576fea7bd7b166a0639fdf68
      
https://github.com/phpmyadmin/phpmyadmin/commit/27caf5b46bd0890e576fea7bd7b166a0639fdf68
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-16 (Thu, 16 Jun 2016)

  Changed paths:
    M libraries/Config.php
    M libraries/core.lib.php
    A test/libraries/core/PMA_cleanupPathInfo_test.php

  Log Message:
  -----------
  Improve detection of script name

In case PHP_SELF was not set by server, we used REQUEST_URI, which might
embed PATH_INFO as well. However we really need to know the path without
it, so let's strip it as well.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 6c5d5ffc7fac2cbf8d4d7eac5c983c84db588c3d
      
https://github.com/phpmyadmin/phpmyadmin/commit/6c5d5ffc7fac2cbf8d4d7eac5c983c84db588c3d
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M ChangeLog
    M gis_data_editor.php
    M libraries/Index.php
    M libraries/gis/GISVisualization.php
    M libraries/rte/rte_list.lib.php
    M libraries/server_privileges.lib.php
    M po/fr.po
    M server_status_processes.php

  Log Message:
  -----------
  Merge branch 'QA_4_6' into QA_4_6-security


  Commit: b0180f18c828706af3a6800f0fb01a536d3ef8c7
      
https://github.com/phpmyadmin/phpmyadmin/commit/b0180f18c828706af3a6800f0fb01a536d3ef8c7
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M libraries/config/FormDisplay.php

  Log Message:
  -----------
  Properly convert POST parameters

We can get array instead of single parameter, so handle this gracefully.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: ef1493d9b4b5c89ff3ff9965068f3ebf5a3059bc
      
https://github.com/phpmyadmin/phpmyadmin/commit/ef1493d9b4b5c89ff3ff9965068f3ebf5a3059bc
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M libraries/Util.php
    M libraries/config/FormDisplay.php

  Log Message:
  -----------
  Move request conversion to generic code

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 96e0aa35653ec0c66084a7e9343465e16c1f769b
      
https://github.com/phpmyadmin/phpmyadmin/commit/96e0aa35653ec0c66084a7e9343465e16c1f769b
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M setup/validate.php

  Log Message:
  -----------
  Fix error reporting on invalid request data

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: cd229d718e8cb4bc8ba32446beaa82d27727b6f0
      
https://github.com/phpmyadmin/phpmyadmin/commit/cd229d718e8cb4bc8ba32446beaa82d27727b6f0
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M libraries/config/Validator.php

  Log Message:
  -----------
  Validate input of validator

We can not trust the input here, so we can expect anything and deal with
missing parameters or invalid values.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 331c560fbfa0e7d2dce674b5e88e983c5f2a451d
      
https://github.com/phpmyadmin/phpmyadmin/commit/331c560fbfa0e7d2dce674b5e88e983c5f2a451d
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M setup/config.php
    M setup/frames/index.inc.php

  Log Message:
  -----------
  Improve error handling in setup in case config dir is not present

We do not show these options in UI, but the scripts should handle it
gracefully.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 1d2e2be925a5f6af70117f81892ad601e3dc161b
      
https://github.com/phpmyadmin/phpmyadmin/commit/1d2e2be925a5f6af70117f81892ad601e3dc161b
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M libraries/DatabaseInterface.php
    M libraries/Error.php
    M templates/list/item.phtml

  Log Message:
  -----------
  Merge branch 'QA_4_6' into QA_4_6-security


  Commit: 00b9be9c4afa98d1a37f2b74c75f8c67ccf251d4
      
https://github.com/phpmyadmin/phpmyadmin/commit/00b9be9c4afa98d1a37f2b74c75f8c67ccf251d4
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M test/classes/ErrorTest.php

  Log Message:
  -----------
  Merge branch 'QA_4_6' into QA_4_6-security


  Commit: 27664605b945b13e1d2b71adea822ace2099cc96
      
https://github.com/phpmyadmin/phpmyadmin/commit/27664605b945b13e1d2b71adea822ace2099cc96
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M examples/openid.php

  Log Message:
  -----------
  Improve error handling in OpenID example

- properly check parameter types
- catch all exceptions (eg. network error)

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 1363ce574974ad6971f552a30b6b05f48dc80392
      
https://github.com/phpmyadmin/phpmyadmin/commit/1363ce574974ad6971f552a30b6b05f48dc80392
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M db_central_columns.php
    M libraries/Config.php
    M libraries/Util.php
    M libraries/display_import.lib.php
    M libraries/js_escape.lib.php
    M libraries/navigation/NavigationTree.php
    M setup/lib/form_processing.lib.php

  Log Message:
  -----------
  Merge branch 'QA_4_6' into QA_4_6-security


  Commit: 94cf3864254ffaf3a69e97d8fc454888368b94ab
      
https://github.com/phpmyadmin/phpmyadmin/commit/94cf3864254ffaf3a69e97d8fc454888368b94ab
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M examples/openid.php

  Log Message:
  -----------
  Escape error messages from OpenID

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 418aeea3d83b0b6021bac311d849570acfc6e48c
      
https://github.com/phpmyadmin/phpmyadmin/commit/418aeea3d83b0b6021bac311d849570acfc6e48c
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M examples/openid.php

  Log Message:
  -----------
  Add error handling to constructing openid message

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 0815af37f483f329f0c0565d68821fea9c47b5f5
      
https://github.com/phpmyadmin/phpmyadmin/commit/0815af37f483f329f0c0565d68821fea9c47b5f5
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M templates/table/structure/display_partitions.phtml

  Log Message:
  -----------
  Add missing escaping to partition listing

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 8716855b309dbe65d7b9a5d681b80579b225b322
      
https://github.com/phpmyadmin/phpmyadmin/commit/8716855b309dbe65d7b9a5d681b80579b225b322
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M templates/server/databases/table_row.phtml

  Log Message:
  -----------
  Properly escape translated string

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: d648ade18d6cbb796a93261491c121f078df2d88
      
https://github.com/phpmyadmin/phpmyadmin/commit/d648ade18d6cbb796a93261491c121f078df2d88
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M templates/server/binlog/log_selector.phtml

  Log Message:
  -----------
  Escape binary log name

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: be3ecbb4cca3fbe20e3b3aa4e049902d18b60865
      
https://github.com/phpmyadmin/phpmyadmin/commit/be3ecbb4cca3fbe20e3b3aa4e049902d18b60865
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M libraries/plugins/transformations/abs/DateFormatTransformationsPlugin.php
    M libraries/plugins/transformations/abs/DownloadTransformationsPlugin.php
    M libraries/plugins/transformations/abs/ImageLinkTransformationsPlugin.php
    M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
    M libraries/plugins/transformations/abs/LongToIPv4TransformationsPlugin.php
    M libraries/plugins/transformations/abs/PreApPendTransformationsPlugin.php
    M libraries/plugins/transformations/abs/SubstringTransformationsPlugin.php
    M 
libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
    M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
    M libraries/transformations.lib.php
    M test/classes/plugin/transformations/TransformationPluginsTest.php
    M test/libraries/PMA_transformation_test.php

  Log Message:
  -----------
  Simplify and cleanup transformation plugins

Remove PMA_transformation_global_html_replace which makes the code only
more confusing.

Also add escaping to browse transformations.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 791bdafcdd441883f2bf2721356afeaf8146ab70
      
https://github.com/phpmyadmin/phpmyadmin/commit/791bdafcdd441883f2bf2721356afeaf8146ab70
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-17 (Fri, 17 Jun 2016)

  Changed paths:
    M ChangeLog
    M examples/openid.php
    M js/get_scripts.js.php
    M libraries/Config.php
    M libraries/Util.php
    M libraries/config/FormDisplay.php
    M libraries/config/Validator.php
    M libraries/core.lib.php
    M libraries/plugins/transformations/abs/DateFormatTransformationsPlugin.php
    M libraries/plugins/transformations/abs/DownloadTransformationsPlugin.php
    M libraries/plugins/transformations/abs/ImageLinkTransformationsPlugin.php
    M libraries/plugins/transformations/abs/InlineTransformationsPlugin.php
    M libraries/plugins/transformations/abs/LongToIPv4TransformationsPlugin.php
    M libraries/plugins/transformations/abs/PreApPendTransformationsPlugin.php
    M libraries/plugins/transformations/abs/SubstringTransformationsPlugin.php
    M 
libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
    M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php
    M libraries/server_privileges.lib.php
    M libraries/transformations.lib.php
    M setup/config.php
    M setup/frames/index.inc.php
    M setup/validate.php
    M templates/server/binlog/log_selector.phtml
    M templates/server/databases/table_row.phtml
    M templates/table/structure/display_partitions.phtml
    M templates/table/structure/display_table_stats.phtml
    M test/classes/plugin/transformations/TransformationPluginsTest.php
    M test/libraries/PMA_transformation_test.php
    A test/libraries/core/PMA_cleanupPathInfo_test.php

  Log Message:
  -----------
  Merge branch 'QA_4_6-security' into master-security


  Commit: 1e5716cb96d46efc305381ae0da08e73fe340f05
      
https://github.com/phpmyadmin/phpmyadmin/commit/1e5716cb96d46efc305381ae0da08e73fe340f05
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M libraries/Header.php

  Log Message:
  -----------
  Add referrer CSP and <meta> tag

This avoids leaking Referer header in modern browsers.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 79661610f6f65443e0ec1e382a7240437f28436c
      
https://github.com/phpmyadmin/phpmyadmin/commit/79661610f6f65443e0ec1e382a7240437f28436c
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M js/get_image.js.php

  Log Message:
  -----------
  Escape attributes when showing images in javascript

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 895a131d2eb7e447757a35d5731c7d647823ea8b
      
https://github.com/phpmyadmin/phpmyadmin/commit/895a131d2eb7e447757a35d5731c7d647823ea8b
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M js/ajax.js

  Log Message:
  -----------
  Escape HTML when rendering AJAX error

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 364732e309cccb3fb56c938ed8d8bc0e04a3ca98
      
https://github.com/phpmyadmin/phpmyadmin/commit/364732e309cccb3fb56c938ed8d8bc0e04a3ca98
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M js/console.js

  Log Message:
  -----------
  Escape error message from server

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 80cd2f448cfd18e6149a26a6819d99f47d87f158
      
https://github.com/phpmyadmin/phpmyadmin/commit/80cd2f448cfd18e6149a26a6819d99f47d87f158
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M ChangeLog
    M libraries/export.lib.php
    M setup/frames/servers.inc.php

  Log Message:
  -----------
  Merge branch 'QA_4_6' into QA_4_6-security


  Commit: b73175ed12f12aa11cc955c17ad93646b018eab6
      
https://github.com/phpmyadmin/phpmyadmin/commit/b73175ed12f12aa11cc955c17ad93646b018eab6
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M ChangeLog
    M export.php
    M libraries/export.lib.php
    M setup/frames/servers.inc.php
    M view_operations.php

  Log Message:
  -----------
  Merge branch 'master' into master-security


  Commit: 22b19b5d695fad7393875628f6fe1d4ba071f951
      
https://github.com/phpmyadmin/phpmyadmin/commit/22b19b5d695fad7393875628f6fe1d4ba071f951
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M js/ajax.js
    M js/console.js
    M js/get_image.js.php
    M libraries/Header.php

  Log Message:
  -----------
  Merge branch 'QA_4_6-security' into master-security


  Commit: 2f4950828ec241e8cbdcf13090c2582a6fa620cb
      
https://github.com/phpmyadmin/phpmyadmin/commit/2f4950828ec241e8cbdcf13090c2582a6fa620cb
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M libraries/Header.php

  Log Message:
  -----------
  Update referrer <meta> to match current standards

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: f77612dfe7b55ea676f351a4d545d7ac22fc0f8e
      
https://github.com/phpmyadmin/phpmyadmin/commit/f77612dfe7b55ea676f351a4d545d7ac22fc0f8e
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Log Message:
  -----------
  Merge branch 'QA_4_6-security' into master-security


  Commit: 4bcc606225f15bac0b07780e74f667f6ac283da7
      
https://github.com/phpmyadmin/phpmyadmin/commit/4bcc606225f15bac0b07780e74f667f6ac283da7
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M libraries/controllers/table/TableSearchController.php

  Log Message:
  -----------
  Always use delimiter not present in search expression

This avoids need to figure out correct escaping in case delimiter is
present in the expression.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 1cc7466db3a05e95fe57a6702f41773e6829d54b
      
https://github.com/phpmyadmin/phpmyadmin/commit/1cc7466db3a05e95fe57a6702f41773e6829d54b
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M import.php
    M libraries/Tracker.php
    M libraries/plugins/export/ExportSql.php
    M templates/columns_definitions/transformation.phtml
    M test/libraries/core/PMA_warnMissingExtension_test.php

  Log Message:
  -----------
  Quote delimiter before using preg_replace

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: c8abc5fab6caa1a7d203dd944e3cad8842fbeea9
      
https://github.com/phpmyadmin/phpmyadmin/commit/c8abc5fab6caa1a7d203dd944e3cad8842fbeea9
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M libraries/Table.php
    M libraries/Template.php
    M po/zh_CN.po

  Log Message:
  -----------
  Merge branch 'master' into master-security


  Commit: 637d4eb4de4137eb7be19570828b6b93895ab723
      
https://github.com/phpmyadmin/phpmyadmin/commit/637d4eb4de4137eb7be19570828b6b93895ab723
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-20 (Mon, 20 Jun 2016)

  Changed paths:
    M import.php
    M libraries/Tracker.php
    M libraries/controllers/table/TableSearchController.php
    M libraries/plugins/export/ExportSql.php
    M templates/columns_definitions/transformation.phtml
    M test/libraries/core/PMA_warnMissingExtension_test.php

  Log Message:
  -----------
  Merge branch 'QA_4_6-security' into master-security


  Commit: 792cd1262f012b9b13639519d414f2acaeb5e972
      
https://github.com/phpmyadmin/phpmyadmin/commit/792cd1262f012b9b13639519d414f2acaeb5e972
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M templates/table/structure/display_partitions.phtml

  Log Message:
  -----------
  Escape partition comment when displaying

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 0b7416c5f4439ed3f11c023785f2d4c49a1b09fc
      
https://github.com/phpmyadmin/phpmyadmin/commit/0b7416c5f4439ed3f11c023785f2d4c49a1b09fc
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M libraries/server_privileges.lib.php

  Log Message:
  -----------
  Escape user group when displaying

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: d95a4a2f96c9b080f3364defcc1cd6ecd8bdc2be
      
https://github.com/phpmyadmin/phpmyadmin/commit/d95a4a2f96c9b080f3364defcc1cd6ecd8bdc2be
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M libraries/SavedSearches.php

  Log Message:
  -----------
  Avoid undefined index in case of incomplete bookmark

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 36df83a97a7f140fdb008b727a94f882847c6a6f
      
https://github.com/phpmyadmin/phpmyadmin/commit/36df83a97a7f140fdb008b727a94f882847c6a6f
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M libraries/DbQbe.php

  Log Message:
  -----------
  Escape saved search name

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 960fd1fd52023047a23d069178bfff7463c2cefc
      
https://github.com/phpmyadmin/phpmyadmin/commit/960fd1fd52023047a23d069178bfff7463c2cefc
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M templates/table/search/rows_zoom.phtml

  Log Message:
  -----------
  Properly escape zoom search column type

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 57ae483bad33059a885366d5445b7e1f6f29860a
      
https://github.com/phpmyadmin/phpmyadmin/commit/57ae483bad33059a885366d5445b7e1f6f29860a
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M js/functions.js

  Log Message:
  -----------
  Escape database name when showing dialog

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 301e1b0f7d2506b16a9e828360db21c27f051509
      
https://github.com/phpmyadmin/phpmyadmin/commit/301e1b0f7d2506b16a9e828360db21c27f051509
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M libraries/operations.lib.php

  Log Message:
  -----------
  Fix adjusting privileges for tables/databases with quote in name

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 11509c5431b2b79c29b8aa12042095d9e3c8de16
      
https://github.com/phpmyadmin/phpmyadmin/commit/11509c5431b2b79c29b8aa12042095d9e3c8de16
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M libraries/operations.lib.php

  Log Message:
  -----------
  Merge branch 'QA_4_6'


  Commit: 4d21b5c077db50c2a54b7f569d20f463cc2651f5
      
https://github.com/phpmyadmin/phpmyadmin/commit/4d21b5c077db50c2a54b7f569d20f463cc2651f5
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M js/tbl_chart.js

  Log Message:
  -----------
  Fixed rendering of chart of columns with HTML inside

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 519e634a8d13dd8739646c4cf566bde4c7092143
      
https://github.com/phpmyadmin/phpmyadmin/commit/519e634a8d13dd8739646c4cf566bde4c7092143
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M libraries/Template.php
    M libraries/operations.lib.php
    M libraries/server_privileges.lib.php
    M po/zh_CN.po
    M test/libraries/PMA_server_privileges_test.php

  Log Message:
  -----------
  Merge branch 'QA_4_6' into QA_4_6-security


  Commit: 9c8f537a231f314e9cdee037ce97b44821f14cd4
      
https://github.com/phpmyadmin/phpmyadmin/commit/9c8f537a231f314e9cdee037ce97b44821f14cd4
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M libraries/DbQbe.php
    M libraries/operations.lib.php
    M libraries/server_privileges.lib.php
    M test/libraries/PMA_server_privileges_test.php

  Log Message:
  -----------
  Merge branch 'master' into master-security


  Commit: 6ba52a72b4ad227ec99a7714c2fe4c0570863caf
      
https://github.com/phpmyadmin/phpmyadmin/commit/6ba52a72b4ad227ec99a7714c2fe4c0570863caf
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M js/functions.js
    M js/tbl_chart.js
    M libraries/DbQbe.php
    M libraries/SavedSearches.php
    M libraries/server_privileges.lib.php
    M templates/table/search/rows_zoom.phtml
    M templates/table/structure/display_partitions.phtml

  Log Message:
  -----------
  Merge branch 'QA_4_6-security' into master-security


  Commit: 615212a14d7d87712202f37354acf8581987fc5a
      
https://github.com/phpmyadmin/phpmyadmin/commit/615212a14d7d87712202f37354acf8581987fc5a
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M 
libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
    M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php

  Log Message:
  -----------
  Do not allow javascript: links in transformation

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: c3f7aa8190b45a05bd5440174ae31d80b95a41d3
      
https://github.com/phpmyadmin/phpmyadmin/commit/c3f7aa8190b45a05bd5440174ae31d80b95a41d3
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-06-22 (Wed, 22 Jun 2016)

  Changed paths:
    M 
libraries/plugins/transformations/abs/TextImageLinkTransformationsPlugin.php
    M libraries/plugins/transformations/abs/TextLinkTransformationsPlugin.php

  Log Message:
  -----------
  Merge branch 'QA_4_6-security' into master-security


Compare: 
https://github.com/phpmyadmin/phpmyadmin/compare/d338a61d329a...c3f7aa8190b4
_______________________________________________
Git mailing list
Git@phpmyadmin.net
https://lists.phpmyadmin.net/mailman/listinfo/git

Reply via email to