Hello community,

Here is the log from the commit of package phpMyAdmin for openSUSE:Factory,
checked in at Mon Aug 1 10:18:53 CEST 2011.



--------
--- phpMyAdmin/phpMyAdmin.changes       2011-07-04 15:30:23.000000000 +0200
+++ /mounts/work_src_done/STABLE/phpMyAdmin/phpMyAdmin.changes  2011-07-29 
17:10:57.000000000 +0200
@@ -1,0 +2,7 @@
+Fri Jul 29 14:57:01 UTC 2011 - ch...@computersalat.de
+
+- update to 3.4.3.2
+  o PMASA-2011-9 to PMASA-2011-12
+    http://www.phpmyadmin.net/home_page/security/
+
+-------------------------------------------------------------------
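Review bot: the entry names PMASA-2011-9 to PMASA-2011-12 but says nothing about what they cover; the tarball diff below shows an XSS fix in tbl_printview.php, include-path validation in the schema export code and in sql.php, and the swekey authentication rework, and listing those next to the advisory range would let packagers and users assess the update without opening the advisory page.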

calling whatdependson for head-i586


Old:
----
  phpMyAdmin-3.4.3.1-all-languages.tar.bz2

New:
----
  phpMyAdmin-3.4.3.2-all-languages.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ phpMyAdmin.spec ++++++
--- /var/tmp/diff_new_pack.jf1KRn/_old  2011-08-01 10:17:41.000000000 +0200
+++ /var/tmp/diff_new_pack.jf1KRn/_new  2011-08-01 10:17:41.000000000 +0200
@@ -34,7 +34,7 @@
 %endif
 
 Summary:        Administration of MySQL over the web
-Version:        3.4.3.1
+Version:        3.4.3.2
 Release:        1
 License:        GPLv2+
 Group:          Productivity/Networking/Web/Frontends

++++++ phpMyAdmin-3.4.3.1-all-languages.tar.bz2 -> 
phpMyAdmin-3.4.3.2-all-languages.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.3.1-all-languages/ChangeLog 
new/phpMyAdmin-3.4.3.2-all-languages/ChangeLog
--- old/phpMyAdmin-3.4.3.1-all-languages/ChangeLog      2011-07-03 
03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/ChangeLog      2011-07-23 
14:42:50.000000000 +0200
@@ -1,6 +1,12 @@
 phpMyAdmin - ChangeLog
 ======================
 
+3.4.3.2 (2011-07-23)
+- [security] Fixed XSS vulnerability, see PMASA-2011-9
+- [security] Fixed local file inclusion vulnerability, see PMASA-2011-10
+- [security] Fixed local file inclusion vulnerability and code execution, see 
PMASA-2011-11
+- [security] Fixed possible session manipulation in swekey authentication, see 
PMASA-2011-12
+
 3.4.3.1 (2011-07-02)
 - [security] Fixed possible session manipulation in swekey authentication, see 
PMASA-2011-5
 - [security] Fixed possible code injection incase session variables are 
compromised, see PMASA-2011-6
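Review bot: the 3.4.3.2 line "Fixed possible session manipulation in swekey authentication" repeats the 3.4.3.1 line for PMASA-2011-5 word for word, differing only in the advisory number; saying that it is a follow-up to the earlier fix (the `parse_str` replacement in swekey.auth.lib.php) would make clear it is not a duplicated entry. The PMASA-2011-10 and PMASA-2011-11 lines both read "local file inclusion" without naming the affected scripts, while the diff touches the schema export code and sql.php; a word on each would help downstream triage.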
@@ -95,7 +101,7 @@
 + patch #2974341 [structure] Clicking on table name in db Structure should 
   Browse the table if possible, thanks to bhdouglass - dougboybhd
 + patch #2975533 [search] New search operators, thanks to
-  Martynas Mickevičius
+  Martynas Mickevičius
 + patch #2967320 [designer] Colored relations based on the primary key,
   thanks to GreenRover - greenrover
 - [core] Provide way for vendors to easily change paths to config files.
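Review bot: in this hunk, and in the similar ChangeLog hunks further down, the removed and added lines render identically, so the change is a byte-level re-encoding of non-ASCII contributor names rather than a content change; it is unrelated to the security fixes in this update and would be easier to audit as a separate encoding cleanup commit.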
@@ -249,7 +255,7 @@
 
 3.3.7.0 (2010-09-07)
 - patch #3050492 [PDF scratchboard] Cannot drag table box to the edge after
-  a page size increase, thanks to Martin Schönberger - mad05
+  a page size increase, thanks to Martin Schönberger - mad05
 
 3.3.6.0 (2010-08-28)
 - bug #3033063 [core] Navi gets wrong db name
@@ -270,7 +276,7 @@
 
 3.3.5.0 (2010-07-26)
 - patch #2932113 [information_schema] Slow export when having lots of
-  databases, thanks to Stéphane Pontier - shadow_walker
+  databases, thanks to Stéphane Pontier - shadow_walker
 - bug #3022705 [import] Import button does not work in Catalan when there
   is no progress bar possible
 - bug [replication] Do not offer information_schema in the list of databases
@@ -310,9 +316,9 @@
 - patch #2984893 [engines] InnoDB storage page emits a warning,
   thanks to Madhura Jayaratne - madhuracj
 - bug #2974687, bug #2974692 [compatibility] PHPExcel : IBM AIX iconv() does 
not work,
-  thanks to Björn Wiberg - bwiberg
+  thanks to Björn Wiberg - bwiberg
 - bug #2983066 [interface] Flush table on table operations shows the query 
twice, 
-  thanks to Martynas Mickevičius - BlinK_
+  thanks to Martynas Mickevičius - BlinK_
 - bug #2983060, patch #2987900 [interface] Fix initial state of tables in
   designer, thanks to Sutharshan Balachandren.
 - bug #2983062, patch #2989408 [engines] Fix warnings when changing table
@@ -391,7 +397,7 @@
 + rfe #2839504 [engines] Support InnoDB plugin's new row formats 
 + [core] Added ability for synchronizing databases among servers.
 + [lang] #2843101 Dutch update, thanks to scavenger2008
-+ [lang] Galician update, thanks to Xosé Calvo - xosecalvo
++ [lang] Galician update, thanks to Xosé Calvo - xosecalvo
 + [export] Added MediaWiki export module,
   thanks to Derek Schaefer - drummingds1
 + [lang] Turkish update, thanks to Burak Yavuz
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.3.1-all-languages/Documentation.html 
new/phpMyAdmin-3.4.3.2-all-languages/Documentation.html
--- old/phpMyAdmin-3.4.3.1-all-languages/Documentation.html     2011-07-03 
03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/Documentation.html     2011-07-23 
14:42:50.000000000 +0200
@@ -9,7 +9,7 @@
     <link rel="icon" href="./favicon.ico" type="image/x-icon" />
     <link rel="shortcut icon" href="./favicon.ico" type="image/x-icon" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-    <title>phpMyAdmin 3.4.3.1 - Documentation</title>
+    <title>phpMyAdmin 3.4.3.2 - Documentation</title>
     <link rel="stylesheet" type="text/css" href="docs.css" />
 </head>
 
@@ -17,7 +17,7 @@
 <div id="header">
     <h1>
         <a href="http://www.phpmyadmin.net/";>php<span 
class="myadmin">MyAdmin</span></a>
-        3.4.3.1
+        3.4.3.2
         Documentation
     </h1>
 </div>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.3.1-all-languages/Documentation.txt 
new/phpMyAdmin-3.4.3.2-all-languages/Documentation.txt
--- old/phpMyAdmin-3.4.3.1-all-languages/Documentation.txt      2011-07-03 
03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/Documentation.txt      2011-07-23 
14:42:50.000000000 +0200
@@ -1,4 +1,4 @@
-phpMyAdmin 3.4.3.1 Documentation
+phpMyAdmin 3.4.3.2 Documentation
 
   * Top
   * Requirements
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.3.1-all-languages/README 
new/phpMyAdmin-3.4.3.2-all-languages/README
--- old/phpMyAdmin-3.4.3.1-all-languages/README 2011-07-03 03:18:28.000000000 
+0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/README 2011-07-23 14:42:50.000000000 
+0200
@@ -1,7 +1,7 @@
 phpMyAdmin - Readme
 ===================
 
-Version 3.4.3.1
+Version 3.4.3.2
 
 A set of PHP-scripts to manage MySQL over the web.
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.3.1-all-languages/RELEASE-DATE-3.4.3.1 
new/phpMyAdmin-3.4.3.2-all-languages/RELEASE-DATE-3.4.3.1
--- old/phpMyAdmin-3.4.3.1-all-languages/RELEASE-DATE-3.4.3.1   2011-07-03 
03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/RELEASE-DATE-3.4.3.1   1970-01-01 
01:00:00.000000000 +0100
@@ -1 +0,0 @@
-Sun Jul  3 01:17:20 UTC 2011
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.3.1-all-languages/RELEASE-DATE-3.4.3.2 
new/phpMyAdmin-3.4.3.2-all-languages/RELEASE-DATE-3.4.3.2
--- old/phpMyAdmin-3.4.3.1-all-languages/RELEASE-DATE-3.4.3.2   1970-01-01 
01:00:00.000000000 +0100
+++ new/phpMyAdmin-3.4.3.2-all-languages/RELEASE-DATE-3.4.3.2   2011-07-23 
14:42:50.000000000 +0200
@@ -0,0 +1 @@
+Sat Jul 23 12:41:41 UTC 2011
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.3.1-all-languages/libraries/Config.class.php 
new/phpMyAdmin-3.4.3.2-all-languages/libraries/Config.class.php
--- old/phpMyAdmin-3.4.3.1-all-languages/libraries/Config.class.php     
2011-07-03 03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/libraries/Config.class.php     
2011-07-23 14:42:50.000000000 +0200
@@ -96,7 +96,7 @@
      */
     function checkSystem()
     {
-        $this->set('PMA_VERSION', '3.4.3.1');
+        $this->set('PMA_VERSION', '3.4.3.2');
         /**
          * @deprecated
          */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.3.1-all-languages/libraries/auth/swekey/swekey.auth.lib.php 
new/phpMyAdmin-3.4.3.2-all-languages/libraries/auth/swekey/swekey.auth.lib.php
--- 
old/phpMyAdmin-3.4.3.1-all-languages/libraries/auth/swekey/swekey.auth.lib.php  
    2011-07-03 03:18:28.000000000 +0200
+++ 
new/phpMyAdmin-3.4.3.2-all-languages/libraries/auth/swekey/swekey.auth.lib.php  
    2011-07-23 14:42:50.000000000 +0200
@@ -143,7 +143,9 @@
         return "Internal Error: CA File $caFile not found";
 
     $result = null;
-    parse_str($_SERVER['QUERY_STRING']);
+       $swekey_id = $_GET['swekey_id'];
+       $swekey_otp = $_GET['swekey_otp'];
+
     if (isset($swekey_id)) {
         unset($_SESSION['SWEKEY']['AUTHENTICATED_SWEKEY']);
         if (! isset($_SESSION['SWEKEY']['RND_TOKEN'])) {
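Review bot: the new `$swekey_id = $_GET['swekey_id'];` and `$swekey_otp = $_GET['swekey_otp'];` reads are unconditional, so every request that lacks those parameters raises an undefined-index notice, and the following `if (isset($swekey_id))` no longer guards anything; assign with `isset($_GET['swekey_id']) ? $_GET['swekey_id'] : null` (and likewise for `swekey_otp`) so the existing isset check keeps working. Dropping `parse_str($_SERVER['QUERY_STRING'])` is the right fix, since the one-argument form imports every query parameter as a local variable and so let a crafted query string overwrite variables in this function. The two added lines are also indented differently (a tab, or eight columns) from the surrounding four-space code; match the file's indentation.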
@@ -166,7 +168,7 @@
                 $result = __('No valid authentication key plugged');
                 if ($_SESSION['SWEKEY']['CONF_DEBUG'])
                 {
-                    $result .= "<br>".$swekey_id;
+                    $result .= "<br>" . htmlspecialchars($swekey_id);
                 }
                 unset($_SESSION['SWEKEY']['CONF_LOADED']); // reload the conf 
file
              }
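Review bot: `htmlspecialchars($swekey_id)` is called with the default flags, so single quotes stay unescaped and no charset is passed; because the value lands in HTML text after `<br>` that is sufficient here, but `htmlspecialchars($swekey_id, ENT_QUOTES, 'UTF-8')` keeps it safe if the debug string is ever reused in an attribute. This branch is only reached when `CONF_DEBUG` is set, so the exposure is small, but output is still the correct place to encode.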
@@ -186,16 +188,16 @@
         <script>
            if (key.length != 32)
            {
-               window.location.search="?swekey_id=" + key;
+               window.location.search="?swekey_id=" + key + "&token=<?php echo 
$_SESSION[' PMA_token ']; ?>";
            }
            else
            {
                var url = "" + window.location;
                if (url.indexOf("?") > 0)
                    url = url.substr(0, url.indexOf("?"));
-               Swekey_SetUnplugUrl(key, "pma_login", url + 
"?session_to_unset=<?php echo session_id();?>");
+               Swekey_SetUnplugUrl(key, "pma_login", url + 
"?session_to_unset=<?php echo session_id();?>&token=<?php echo $_SESSION[' 
PMA_token ']; ?>");
                var otp = Swekey_GetOtp(key, <?php echo 
'"'.$_SESSION['SWEKEY']['RND_TOKEN'].'"';?>);
-               window.location.search="?swekey_id=" + key + "&swekey_otp=" + 
otp;
+               window.location.search="?swekey_id=" + key + "&swekey_otp=" + 
otp + "&token=<?php echo $_SESSION[' PMA_token ']; ?>";
            }
         </script>
         <?php
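Review bot: the `$_SESSION[' PMA_token ']` value is echoed straight into a JavaScript string literal in three places without `json_encode()` or `htmlspecialchars()`; the token is server-generated, so this is not a problem as written, but encoding it makes the template robust if the token format ever changes. The same three redirects also concatenate `key` and `otp` into `window.location.search` unencoded (pre-existing), where `encodeURIComponent()` would avoid malformed URLs for unexpected characters. Since the token is added so that the swekey round trips pass phpMyAdmin's token check, all three edits belong together and none should be dropped.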
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/phpMyAdmin-3.4.3.1-all-languages/libraries/schema/User_Schema.class.php 
new/phpMyAdmin-3.4.3.2-all-languages/libraries/schema/User_Schema.class.php
--- old/phpMyAdmin-3.4.3.1-all-languages/libraries/schema/User_Schema.class.php 
2011-07-03 03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/libraries/schema/User_Schema.class.php 
2011-07-23 14:42:50.000000000 +0200
@@ -567,10 +567,13 @@
         require_once './libraries/transformations.lib.php';
         require_once './libraries/Index.class.php';
         /**
-         * default is PDF
+         * default is PDF, otherwise validate it's only letters a-z
          */
         global  $db,$export_type;
-        $export_type            = isset($export_type) ? $export_type : 'pdf';
+        if (!isset($export_type) || !preg_match('/^[a-zA-Z]+$/', 
$export_type)) {
+            $export_type = 'pdf';
+        }
+
         PMA_DBI_select_db($db);
 
         
include("./libraries/schema/".ucfirst($export_type)."_Relation_Schema.class.php");
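Review bot: the regex `/^[a-zA-Z]+$/` still lets a value that ends in a newline through, because `$` in PCRE matches before a trailing newline; use `/^[a-zA-Z]+\z/` or add the `D` modifier so the check is strict before the value reaches `include("./libraries/schema/".ucfirst($export_type)."_Relation_Schema.class.php")`. The new comment says "only letters a-z" while the pattern also accepts upper case; align one with the other. An allow-list of the schema types that actually ship (the `*_Relation_Schema.class.php` files present) would be tighter than a character-class check and would produce a clean error instead of an include failure for an unknown type.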
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.3.1-all-languages/schema_export.php 
new/phpMyAdmin-3.4.3.2-all-languages/schema_export.php
--- old/phpMyAdmin-3.4.3.1-all-languages/schema_export.php      2011-07-03 
03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/schema_export.php      2011-07-23 
14:42:50.000000000 +0200
@@ -37,7 +37,9 @@
  * default is PDF
  */
 global  $db,$export_type;
-$export_type = isset($export_type) ? $export_type : 'pdf';
+if (!isset($export_type) || !preg_match('/^[a-zA-Z]+$/', $export_type)) {
+    $export_type = 'pdf';
+}
 PMA_DBI_select_db($db);
 
 $path = PMA_securePath(ucfirst($export_type));
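Review bot: this is the same validation as in User_Schema.class.php, duplicated verbatim; moving it into a shared helper (for example alongside `PMA_securePath`) avoids the two copies drifting apart. As there, `$` should be `\z` (or the pattern given the `D` modifier) so a trailing newline cannot slip past the check. Here `$export_type` additionally goes through `PMA_securePath(ucfirst($export_type))`, while the User_Schema copy includes the path directly; the two call sites should apply the same defence.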
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.3.1-all-languages/sql.php 
new/phpMyAdmin-3.4.3.2-all-languages/sql.php
--- old/phpMyAdmin-3.4.3.1-all-languages/sql.php        2011-07-03 
03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/sql.php        2011-07-23 
14:42:50.000000000 +0200
@@ -719,7 +719,7 @@
             parse_str($_REQUEST['transform_fields_list'], $edited_values);
 
             foreach($mime_map as $transformation) {
-                $include_file = $transformation['transformation'];
+                $include_file = 
PMA_securePath($transformation['transformation']);
                 $column_name = $transformation['column_name'];
                 $column_data = $edited_values[$column_name];
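Review bot: `PMA_securePath($transformation['transformation'])` sanitises a value read from the MIME map, which is stored data, so a more robust fix is to check the resulting `$include_file` against the set of transformation files that actually exist before it is used; `PMA_securePath` only helps to the extent that it strips traversal components, and this hunk does not show its implementation. The `parse_str($_REQUEST['transform_fields_list'], $edited_values)` in the context lines already uses the two-argument form, so it does not have the variable-injection problem fixed in swekey.auth.lib.php.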
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/phpMyAdmin-3.4.3.1-all-languages/tbl_printview.php 
new/phpMyAdmin-3.4.3.2-all-languages/tbl_printview.php
--- old/phpMyAdmin-3.4.3.1-all-languages/tbl_printview.php      2011-07-03 
03:18:28.000000000 +0200
+++ new/phpMyAdmin-3.4.3.2-all-languages/tbl_printview.php      2011-07-23 
14:42:50.000000000 +0200
@@ -69,7 +69,7 @@
         $tbl_list .= (empty($tbl_list) ? '' : ', ')
                   . PMA_backquote($table);
     }
-    echo '<strong>'.  __('Show tables') . ': ' . $tbl_list . '</strong>' . 
"\n";
+    echo '<strong>'.  __('Show tables') . ': ' . htmlspecialchars($tbl_list) . 
'</strong>' . "\n";
     echo '<hr />' . "\n";
 } // end if
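Review bot: `$tbl_list` is assembled from `PMA_backquote($table)` in the loop above, so encoding once at output with `htmlspecialchars($tbl_list)` is the right place and also covers the separators. As with the other `htmlspecialchars` calls in this update it runs with default flags; passing `ENT_QUOTES, 'UTF-8'` would make the escaping explicit about charset and consistent across the files touched here.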
 
@@ -84,7 +84,7 @@
     }
     $counter++;
     echo '<div' . $breakstyle . '>' . "\n";
-    echo '<h1>' . $table . '</h1>' . "\n";
+    echo '<h1>' . htmlspecialchars($table) . '</h1>' . "\n";
 
     /**
      * Gets table informations


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...
