[phpMyAdmin Git] [phpmyadmin/phpmyadmin] b69311: Fix self-injection in Table specific privileges

Michal Čihař Wed, 16 Nov 2016 08:49:01 -0800

  Branch: refs/heads/QA_4_6
  Home:   https://github.com/phpmyadmin/phpmyadmin
  Commit: b69311e460bd52eebc4402a165c012e63121ef03
      
https://github.com/phpmyadmin/phpmyadmin/commit/b69311e460bd52eebc4402a165c012e63121ef03
  Author: Deven Bansod <[email protected]>
  Date:   2016-11-16 (Wed, 16 Nov 2016)


  Changed paths:
    M libraries/server_privileges.lib.php

  Log Message:
  -----------
  Fix self-injection in Table specific privileges

Don't manually add backticks (`) rather use the Util function,
since escaping of backticks inside the column_name has to be handled too.

Fix #12361

Signed-off-by: Deven Bansod <[email protected]>


  Commit: 88b284816cdcbb3783685785f887faa061d0bd07
      
https://github.com/phpmyadmin/phpmyadmin/commit/88b284816cdcbb3783685785f887faa061d0bd07
  Author: Deven Bansod <[email protected]>
  Date:   2016-11-16 (Wed, 16 Nov 2016)

  Changed paths:
    M ChangeLog

  Log Message:
  -----------
  ChangeLog for #12361

Signed-off-by: Deven Bansod <[email protected]>

Conflicts:
        ChangeLog


  Commit: 80d1bc7c2b6c29b29fe6653ae54d34f8bbb828d4
      
https://github.com/phpmyadmin/phpmyadmin/commit/80d1bc7c2b6c29b29fe6653ae54d34f8bbb828d4
  Author: Michal Čihař <[email protected]>
  Date:   2016-11-16 (Wed, 16 Nov 2016)

  Changed paths:
    M ChangeLog
    M libraries/server_privileges.lib.php

  Log Message:
  -----------
  Merge pull request #12711 from devenbansod/fix_12361

Fix #12361 : Fix self SQL injection in table-specific privileges


Compare: 
https://github.com/phpmyadmin/phpmyadmin/compare/0c36e5fd8536...80d1bc7c2b6c

_______________________________________________
Git mailing list
[email protected]
https://lists.phpmyadmin.net/mailman/listinfo/git

[phpMyAdmin Git] [phpmyadmin/phpmyadmin] b69311: Fix self-injection in Table specific privileges

Reply via email to