Branch: refs/heads/MAINT_4_0_10
  Home:   https://github.com/phpmyadmin/phpmyadmin
  Commit: afe84645f29f5acc9970f3ffa5673585bf2dee7d
      
https://github.com/phpmyadmin/phpmyadmin/commit/afe84645f29f5acc9970f3ffa5673585bf2dee7d
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-12-08 (Thu, 08 Dec 2016)

  Changed paths:
    M libraries/structure.lib.php

  Log Message:
  -----------
  Quote table name for use in regexp

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 7fe97a1f3c4695f630e39d9433b8fa7539eee30e
      
https://github.com/phpmyadmin/phpmyadmin/commit/7fe97a1f3c4695f630e39d9433b8fa7539eee30e
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-12-08 (Thu, 08 Dec 2016)

  Changed paths:
    M setup/frames/index.inc.php

  Log Message:
  -----------
  Avoid using REQUEST_URI in form action

It's really not necessary here and might cause redirection issues.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 3d230b6ab76ff018645f2090c2664169835f465b
      
https://github.com/phpmyadmin/phpmyadmin/commit/3d230b6ab76ff018645f2090c2664169835f465b
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-12-08 (Thu, 08 Dec 2016)

  Changed paths:
    M tbl_replace.php

  Log Message:
  -----------
  Avoid infinite recursion on goto

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 00607e60417f43cd9202d5fbf49b3a78385c4138
      
https://github.com/phpmyadmin/phpmyadmin/commit/00607e60417f43cd9202d5fbf49b3a78385c4138
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-12-08 (Thu, 08 Dec 2016)

  Changed paths:
    M tbl_replace.php

  Log Message:
  -----------
  Whitespace cleanup

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 8a0816266cc1db9e9889829f9f0d88a19650c977
      
https://github.com/phpmyadmin/phpmyadmin/commit/8a0816266cc1db9e9889829f9f0d88a19650c977
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-12-08 (Thu, 08 Dec 2016)

  Changed paths:
    M libraries/Theme.class.php

  Log Message:
  -----------
  Do not provide fallback to cookie for font size

* This should be already handled by Config class
* Injecting cookie value to CSS could be security risk

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: f8ad5bd759156c8c00a1c3e0ef374660027a3bb4
      
https://github.com/phpmyadmin/phpmyadmin/commit/f8ad5bd759156c8c00a1c3e0ef374660027a3bb4
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2016-12-21 (Wed, 21 Dec 2016)

  Changed paths:
    M server_replication.php

  Log Message:
  -----------
  Do not allow arbitrary connection in replication setup without 
AllowArbitraryServer

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 801485a7f43998a633a857bd4a00ad085138937d
      
https://github.com/phpmyadmin/phpmyadmin/commit/801485a7f43998a633a857bd4a00ad085138937d
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2017-01-07 (Sat, 07 Jan 2017)

  Changed paths:
    M doc/setup.rst
    M libraries/config/ConfigFile.class.php
    M libraries/vendor_config.php
    M setup/config.php
    M setup/frames/config.inc.php
    M setup/frames/index.inc.php
    M setup/lib/index.lib.php

  Log Message:
  -----------
  Remove setup download/load/delete features

This removes risk of third party manipulating with the configuration as
there was race condition between editing and using the file.

Downloading the file should not be big hassle and this really makes the
whole setup a bit simpler.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 88cc11ab134d39f19e7ebf32db4641071e7607ff
      
https://github.com/phpmyadmin/phpmyadmin/commit/88cc11ab134d39f19e7ebf32db4641071e7607ff
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2017-01-07 (Sat, 07 Jan 2017)

  Changed paths:
    M setup/index.php

  Log Message:
  -----------
  Disable setup if configuration already exists

The setup allows to figure out quite a lot about system and network, so
it's safer to block access to it once phpMyAdmin has been configured.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 4b5f3f9a121dd2b606d8f455f182db21512244fe
      
https://github.com/phpmyadmin/phpmyadmin/commit/4b5f3f9a121dd2b606d8f455f182db21512244fe
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2017-01-17 (Tue, 17 Jan 2017)

  Changed paths:
    M libraries/php-gettext/gettext.php

  Log Message:
  -----------
  Merge changes from php-gettext 1.0.12

This ensures that parameter to select_string is numeric, avoiding code
injection through it.

Our code is not vulnerable as we do not pass user supplied values to
this function, this fix is included only to be closer to upstream.

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 567b27487e8cb6ed97ba25afc46ed1223b3e31eb
      
https://github.com/phpmyadmin/phpmyadmin/commit/567b27487e8cb6ed97ba25afc46ed1223b3e31eb
  Author: Michal Čihař <mic...@cihar.com>
  Date:   2017-01-21 (Sat, 21 Jan 2017)

  Changed paths:
    M ChangeLog
    M README
    M doc/conf.py
    M libraries/Config.class.php

  Log Message:
  -----------
  Prepare changelog for 4.0.10.19

Signed-off-by: Michal Čihař <mic...@cihar.com>


  Commit: 3d8b97b2556311ca7a0a9b8cbbbba94aa2276b6e
      
https://github.com/phpmyadmin/phpmyadmin/commit/3d8b97b2556311ca7a0a9b8cbbbba94aa2276b6e
  Author: Isaac Bennetch <benne...@gmail.com>
  Date:   2017-01-23 (Mon, 23 Jan 2017)

  Changed paths:
    M ChangeLog

  Log Message:
  -----------
  ChangeLog for 4.0.10.19

Signed-off-by: Isaac Bennetch <benne...@gmail.com>


Compare: 
https://github.com/phpmyadmin/phpmyadmin/compare/69b4b5c7f571...3d8b97b25563
_______________________________________________
Git mailing list
Git@phpmyadmin.net
https://lists.phpmyadmin.net/mailman/listinfo/git

Reply via email to