Branch: refs/heads/MAINT_4_0_10
Home: https://github.com/phpmyadmin/phpmyadmin
Commit: afe84645f29f5acc9970f3ffa5673585bf2dee7d
https://github.com/phpmyadmin/phpmyadmin/commit/afe84645f29f5acc9970f3ffa5673585bf2dee7d
Author: Michal Čihař <mic...@cihar.com>
Date: 2016-12-08 (Thu, 08 Dec 2016)
Changed paths:
M libraries/structure.lib.php
Log Message:
-----------
Quote table name for use in regexp
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 7fe97a1f3c4695f630e39d9433b8fa7539eee30e
https://github.com/phpmyadmin/phpmyadmin/commit/7fe97a1f3c4695f630e39d9433b8fa7539eee30e
Author: Michal Čihař <mic...@cihar.com>
Date: 2016-12-08 (Thu, 08 Dec 2016)
Changed paths:
M setup/frames/index.inc.php
Log Message:
-----------
Avoid using REQUEST_URI in form action
It's really not necessary here and might cause redirection issues.
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 3d230b6ab76ff018645f2090c2664169835f465b
https://github.com/phpmyadmin/phpmyadmin/commit/3d230b6ab76ff018645f2090c2664169835f465b
Author: Michal Čihař <mic...@cihar.com>
Date: 2016-12-08 (Thu, 08 Dec 2016)
Changed paths:
M tbl_replace.php
Log Message:
-----------
Avoid infinite recursion on goto
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 00607e60417f43cd9202d5fbf49b3a78385c4138
https://github.com/phpmyadmin/phpmyadmin/commit/00607e60417f43cd9202d5fbf49b3a78385c4138
Author: Michal Čihař <mic...@cihar.com>
Date: 2016-12-08 (Thu, 08 Dec 2016)
Changed paths:
M tbl_replace.php
Log Message:
-----------
Whitespace cleanup
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 8a0816266cc1db9e9889829f9f0d88a19650c977
https://github.com/phpmyadmin/phpmyadmin/commit/8a0816266cc1db9e9889829f9f0d88a19650c977
Author: Michal Čihař <mic...@cihar.com>
Date: 2016-12-08 (Thu, 08 Dec 2016)
Changed paths:
M libraries/Theme.class.php
Log Message:
-----------
Do not provide fallback to cookie for font size
* This should be already handled by Config class
* Injecting cookie value to CSS could be security risk
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: f8ad5bd759156c8c00a1c3e0ef374660027a3bb4
https://github.com/phpmyadmin/phpmyadmin/commit/f8ad5bd759156c8c00a1c3e0ef374660027a3bb4
Author: Michal Čihař <mic...@cihar.com>
Date: 2016-12-21 (Wed, 21 Dec 2016)
Changed paths:
M server_replication.php
Log Message:
-----------
Do not allow arbitrary connection in replication setup without
AllowArbitraryServer
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 801485a7f43998a633a857bd4a00ad085138937d
https://github.com/phpmyadmin/phpmyadmin/commit/801485a7f43998a633a857bd4a00ad085138937d
Author: Michal Čihař <mic...@cihar.com>
Date: 2017-01-07 (Sat, 07 Jan 2017)
Changed paths:
M doc/setup.rst
M libraries/config/ConfigFile.class.php
M libraries/vendor_config.php
M setup/config.php
M setup/frames/config.inc.php
M setup/frames/index.inc.php
M setup/lib/index.lib.php
Log Message:
-----------
Remove setup download/load/delete features
This removes risk of third party manipulating with the configuration as
there was race condition between editing and using the file.
Downloading the file should not be big hassle and this really makes the
whole setup a bit simpler.
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 88cc11ab134d39f19e7ebf32db4641071e7607ff
https://github.com/phpmyadmin/phpmyadmin/commit/88cc11ab134d39f19e7ebf32db4641071e7607ff
Author: Michal Čihař <mic...@cihar.com>
Date: 2017-01-07 (Sat, 07 Jan 2017)
Changed paths:
M setup/index.php
Log Message:
-----------
Disable setup if configuration already exists
The setup allows to figure out quite a lot about system and network, so
it's safer to block access to it once phpMyAdmin has been configured.
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 4b5f3f9a121dd2b606d8f455f182db21512244fe
https://github.com/phpmyadmin/phpmyadmin/commit/4b5f3f9a121dd2b606d8f455f182db21512244fe
Author: Michal Čihař <mic...@cihar.com>
Date: 2017-01-17 (Tue, 17 Jan 2017)
Changed paths:
M libraries/php-gettext/gettext.php
Log Message:
-----------
Merge changes from php-gettext 1.0.12
This ensures that parameter to select_string is numeric, avoiding code
injection through it.
Our code is not vulnerable as we do not pass user supplied values to
this function, this fix is included only to be closer to upstream.
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 567b27487e8cb6ed97ba25afc46ed1223b3e31eb
https://github.com/phpmyadmin/phpmyadmin/commit/567b27487e8cb6ed97ba25afc46ed1223b3e31eb
Author: Michal Čihař <mic...@cihar.com>
Date: 2017-01-21 (Sat, 21 Jan 2017)
Changed paths:
M ChangeLog
M README
M doc/conf.py
M libraries/Config.class.php
Log Message:
-----------
Prepare changelog for 4.0.10.19
Signed-off-by: Michal Čihař <mic...@cihar.com>
Commit: 3d8b97b2556311ca7a0a9b8cbbbba94aa2276b6e
https://github.com/phpmyadmin/phpmyadmin/commit/3d8b97b2556311ca7a0a9b8cbbbba94aa2276b6e
Author: Isaac Bennetch <benne...@gmail.com>
Date: 2017-01-23 (Mon, 23 Jan 2017)
Changed paths:
M ChangeLog
Log Message:
-----------
ChangeLog for 4.0.10.19
Signed-off-by: Isaac Bennetch <benne...@gmail.com>
Compare:
https://github.com/phpmyadmin/phpmyadmin/compare/69b4b5c7f571...3d8b97b25563
_______________________________________________
Git mailing list
Git@phpmyadmin.net
https://lists.phpmyadmin.net/mailman/listinfo/git