commit phpMyAdmin for openSUSE:Factory

Mon, 01 Jul 2019 01:45:13 -0700 

Hello community,

here is the log from the commit of package phpMyAdmin for openSUSE:Factory 
checked in at 2019-07-01 10:44:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/phpMyAdmin (Old)
 and      /work/SRC/openSUSE:Factory/.phpMyAdmin.new.4615 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "phpMyAdmin"

Mon Jul  1 10:44:30 2019 rev:158 rq:712644 version:4.9.0.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin.changes    2019-06-06 
18:18:10.656671001 +0200
+++ /work/SRC/openSUSE:Factory/.phpMyAdmin.new.4615/phpMyAdmin.changes  
2019-07-01 10:44:30.809491035 +0200
@@ -1,0 +2,7 @@
+Sun Jun 30 13:05:23 UTC 2019 - [email protected]
+
+- fix changelog
+  * add missing boo# with relation to CVE and PMASA
+- rebase phpMyAdmin-config.patch
+
+-------------------------------------------------------------------
@@ -5,4 +11,0 @@
-  * CVE-2019-11768: PMASA-2019-3 is an SQL injection flaw in the 
-    Designer feature
-  * CVE-2019-12616: PMASA-2019-4 is a CSRF attack that's possible 
-    through the 'cookie' login form
@@ -26,0 +30,8 @@
+- fix for boo#1137497
+  * PMASA-2019-4 (CVE-2019-12616, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2019-4/
+    - CSRF vulnerability in login form
+- fix for boo#1137496
+  * PMASA-2019-3 (CVE-2019-11768, CWE-661)
+    https://www.phpmyadmin.net/security/PMASA-2019-3/
+    - SQL injection in Designer feature

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------

++++++ phpMyAdmin-config.patch ++++++
--- /var/tmp/diff_new_pack.npvkQo/_old  2019-07-01 10:44:32.969494561 +0200
+++ /var/tmp/diff_new_pack.npvkQo/_new  2019-07-01 10:44:32.981494580 +0200
@@ -250,7 +250,7 @@
 ===================================================================
 --- libraries/vendor_config.php.orig
 +++ libraries/vendor_config.php
-@@ -17,25 +17,25 @@ if (! defined('PHPMYADMIN')) {
+@@ -28,25 +28,25 @@ define('TEMP_DIR', './tmp/');
   * Path to changelog file, can be gzip compressed. Useful when you want to
   * have documentation somewhere else, eg. /usr/share/doc.
   */

Reply via email to