Hello community, here is the log from the commit of package phpMyAdmin for openSUSE:Leap:15.2 checked in at 2020-03-31 07:23:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/phpMyAdmin (Old) and /work/SRC/openSUSE:Leap:15.2/.phpMyAdmin.new.3160 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "phpMyAdmin" Tue Mar 31 07:23:43 2020 rev:31 rq:789549 version:4.9.5 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/phpMyAdmin/phpMyAdmin.changes 2020-01-15 15:43:55.939271756 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.phpMyAdmin.new.3160/phpMyAdmin.changes 2020-03-31 07:23:52.866437386 +0200 @@ -1,0 +2,15 @@ +Mon Mar 23 06:40:08 UTC 2020 - ec...@opensuse.org + +- Update to 4.9.5 + This is a security release containing several bug fixes. + * CVE-2020-10804: SQL injection vulnerability in the user + accounts page, particularly when changing a password + (boo#1167335, PMASA-2020-2) + * CVE-2020-10802: SQL injection vulnerability relating to the + search feature (boo#1167336, PMASA-2020-3) + * CVE-2020-10803: SQL injection and XSS having to do with + displaying results (boo#1167337, PMASA-2020-4) + * Removing of the "options" field for the external + transformation. + +------------------------------------------------------------------- Old: ---- phpMyAdmin-4.9.4-all-languages.tar.xz phpMyAdmin-4.9.4-all-languages.tar.xz.asc New: ---- phpMyAdmin-4.9.5-all-languages.tar.xz phpMyAdmin-4.9.5-all-languages.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ phpMyAdmin.spec ++++++ --- /var/tmp/diff_new_pack.vYv6VP/_old 2020-03-31 07:23:53.462437645 +0200 +++ /var/tmp/diff_new_pack.vYv6VP/_new 2020-03-31 07:23:53.466437647 +0200 @@ -29,7 +29,7 @@ %define ap_grp nogroup %endif Name: phpMyAdmin -Version: 4.9.4 +Version: 4.9.5 Release: 0 Summary: Administration of MySQL over the web License: GPL-2.0-or-later ++++++ phpMyAdmin-4.9.4-all-languages.tar.xz -> phpMyAdmin-4.9.5-all-languages.tar.xz ++++++ ++++ 44851 lines of diff (skipped)