Hello community,

here is the log from the commit of package adminer for openSUSE:Factory checked 
in at 2020-05-12 22:32:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/adminer (Old)
 and      /work/SRC/openSUSE:Factory/.adminer.new.2738 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "adminer"

Tue May 12 22:32:03 2020 rev:24 rq:802749 version:4.7.7

Changes:
--------
--- /work/SRC/openSUSE:Factory/adminer/adminer.changes  2020-02-03 
11:14:38.465885047 +0100
+++ /work/SRC/openSUSE:Factory/.adminer.new.2738/adminer.changes        
2020-05-12 22:32:57.771948357 +0200
@@ -1,0 +2,12 @@
+Mon May 11 16:29:55 UTC 2020 - [email protected]
+
+- Update to version 4.7.7:
+  * Release 4.7.7
+  * Fix open redirect if Adminer is accessible at //adminer.php%2F@ (thanks to 
Prakash Sharma)
+  * Update Finnish translation
+  * Fix typo in Greek translation
+  * Add missing translation
+  * Fix forwarded IP comparison in login-ip plugin
+  * Release 4.7.6
+
+-------------------------------------------------------------------

Old:
----
  adminer-4.7.6.tar.xz

New:
----
  adminer-4.7.7.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ adminer.spec ++++++
--- /var/tmp/diff_new_pack.uAsxK9/_old  2020-05-12 22:32:58.687950268 +0200
+++ /var/tmp/diff_new_pack.uAsxK9/_new  2020-05-12 22:32:58.691950276 +0200
@@ -22,7 +22,7 @@
 %bcond_with mongodb
 %bcond_with mssql
 Name:           adminer
-Version:        4.7.6
+Version:        4.7.7
 Release:        0
 Summary:        Database management in a single PHP file
 License:        GPL-2.0-only OR Apache-2.0

++++++ _service ++++++
--- /var/tmp/diff_new_pack.uAsxK9/_old  2020-05-12 22:32:58.727950351 +0200
+++ /var/tmp/diff_new_pack.uAsxK9/_new  2020-05-12 22:32:58.727950351 +0200
@@ -2,7 +2,7 @@
   <service name="tar_scm" mode="disabled">
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
-    <param name="revision">refs/tags/v4.7.6</param>
+    <param name="revision">refs/tags/v4.7.7</param>
     <param name="url">https://github.com/vrana/adminer.git</param>
     <param name="scm">git</param>
     <param name="changesgenerate">enable</param>

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.uAsxK9/_old  2020-05-12 22:32:58.751950401 +0200
+++ /var/tmp/diff_new_pack.uAsxK9/_new  2020-05-12 22:32:58.751950401 +0200
@@ -1,6 +1,6 @@
 <servicedata>
   <service name="tar_scm">
     <param name="url">https://github.com/vrana/adminer.git</param>
-    <param 
name="changesrevision">5ef2068837a89309e721a24672b8cdadbe10c179</param>
+    <param 
name="changesrevision">ac40be998d9fcf2a7e3fcdbd5efa3dec9e070f14</param>
   </service>
 </servicedata>

++++++ adminer-4.7.6.tar.xz -> adminer-4.7.7.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/adminer-4.7.6/adminer/include/bootstrap.inc.php 
new/adminer-4.7.7/adminer/include/bootstrap.inc.php
--- old/adminer-4.7.6/adminer/include/bootstrap.inc.php 2020-01-31 
11:23:04.000000000 +0100
+++ new/adminer-4.7.7/adminer/include/bootstrap.inc.php 2020-05-11 
11:51:57.000000000 +0200
@@ -84,7 +84,7 @@
 
 define("SERVER", $_GET[DRIVER]); // read from pgsql=localhost
 define("DB", $_GET["db"]); // for the sake of speed and size
-define("ME", str_replace(":", "%3a", preg_replace('~^[^?]*/([^?]*).*~', '\1', 
$_SERVER["REQUEST_URI"])) . '?'
+define("ME", str_replace(":", "%3a", preg_replace('~\?.*~', '', 
relative_uri())) . '?'
        . (sid() ? SID . '&' : '')
        . (SERVER !== null ? DRIVER . "=" . urlencode(SERVER) . '&' : '')
        . (isset($_GET["username"]) ? "username=" . 
urlencode($_GET["username"]) . '&' : '')
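Review bot: The rewritten `define("ME", ...)` line carries no comment saying that ME is derived from the client-supplied request URI and has to remain a relative reference, which is the property the open-redirect fix in this release depends on. I would add above it `// ME must stay a relative reference: relative_uri() drops the directory part, ":" is sent as %3a`. The reason for the colon encoding is inferred (presumably so the first path segment is not parsed as a URL scheme), so confirm it before committing the wording. The `define` statement continues past the end of this hunk, and how ME is escaped where it is output is not visible here.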
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/adminer-4.7.6/adminer/include/functions.inc.php 
new/adminer-4.7.7/adminer/include/functions.inc.php
--- old/adminer-4.7.6/adminer/include/functions.inc.php 2020-01-31 
11:23:04.000000000 +0100
+++ new/adminer-4.7.7/adminer/include/functions.inc.php 2020-05-11 
11:51:57.000000000 +0200
@@ -721,12 +721,19 @@
        return lang('%.3f s', max(0, microtime(true) - $start));
 }
 
+/** Get relative REQUEST_URI
+* @return string
+*/
+function relative_uri() {
+       return preg_replace('~^[^?]*/([^?]*)~', '\1', $_SERVER["REQUEST_URI"]);
+}
+
 /** Remove parameter from query string
 * @param string
 * @return string
 */
 function remove_from_uri($param = "") {
-       return substr(preg_replace("~(?<=[?&])($param" . (SID ? "" : "|" . 
session_name()) . ")=[^&]*&~", '', "$_SERVER[REQUEST_URI]&"), 0, -1);
+       return substr(preg_replace("~(?<=[?&])($param" . (SID ? "" : "|" . 
session_name()) . ")=[^&]*&~", '', relative_uri() . "&"), 0, -1);
 }
 
 /** Generate page number for pagination
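Review bot: The docblock on the new `relative_uri()` says only "Get relative REQUEST_URI" and does not record the guarantee that `remove_from_uri()` and the ME constant now rely on: the directory part is stripped, so the returned string cannot begin with `/`. I would extend it with `* Strips everything up to the last "/" before the query, so the result cannot be read as a protocol-relative URL`, and add a regression test for the `//adminer.php%2F@` case named in changes.txt. `preg_replace()` can return null on a PCRE error, in which case `remove_from_uri()` appears to yield an empty string; the docblock should say whether that is acceptable.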
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/adminer-4.7.6/adminer/include/version.inc.php 
new/adminer-4.7.7/adminer/include/version.inc.php
--- old/adminer-4.7.6/adminer/include/version.inc.php   2020-01-31 
11:23:04.000000000 +0100
+++ new/adminer-4.7.7/adminer/include/version.inc.php   2020-05-11 
11:51:57.000000000 +0200
@@ -1,2 +1,2 @@
 <?php
-$VERSION = "4.7.6";
+$VERSION = "4.7.7";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/adminer-4.7.6/adminer/lang/el.inc.php 
new/adminer-4.7.7/adminer/lang/el.inc.php
--- old/adminer-4.7.6/adminer/lang/el.inc.php   2020-01-31 11:23:04.000000000 
+0100
+++ new/adminer-4.7.7/adminer/lang/el.inc.php   2020-05-11 11:51:57.000000000 
+0200
@@ -234,7 +234,7 @@
        'Sort' => 'Ταξινόμηση',
        'descending' => 'Φθίνουσα',
        'Limit' => 'Όριο',
-       'Limit rows' => 'Περιοριμός σειρών',
+       'Limit rows' => 'Περιορισμός σειρών',
        'Text length' => 'Μήκος κειμένου',
        'Action' => 'Ενέργεια',
        'Full table scan' => 'Πλήρης σάρωση πινάκων',
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/adminer-4.7.6/adminer/lang/fi.inc.php 
new/adminer-4.7.7/adminer/lang/fi.inc.php
--- old/adminer-4.7.6/adminer/lang/fi.inc.php   2020-01-31 11:23:04.000000000 
+0100
+++ new/adminer-4.7.7/adminer/lang/fi.inc.php   2020-05-11 11:51:57.000000000 
+0200
@@ -333,4 +333,18 @@
        'Type has been dropped.' => 'Tyyppi poistettiin.',
        'Type has been created.' => 'Tyyppi luotiin.',
        'Alter type' => 'Muuta tyyppiä',
+
+       'Thanks for using Adminer, consider <a 
href="https://www.adminer.org/en/donation/";>donating</a>.' => 'Kiitos, kun 
käytät Admineriä, voit <a href="https://www.adminer.org/en/donation/";>tehdä 
lahjoituksen tästä</a>.',
+       'Drop %s?' => 'Poistetaanko %s?',
+       'overwrite' => 'kirjoittaen päälle',
+       'DB' => 'TK',
+       'ATTACH queries are not supported.' => 'ATTACH-komennolla tehtyjä 
kyselyjä ei tueta.',
+       'Warnings' => 'Varoitukset',
+       'Adminer does not support accessing a database without a password, <a 
href="https://www.adminer.org/en/password/"%s>more information</a>.' => 
'Adminer ei tue pääsyä tietokantaan ilman salasanaa, katso tarkemmin <a 
href="https://www.adminer.org/en/password/"%s>täältä</a>.',
+       'The action will be performed after successful login with the same 
credentials.' => 'Toiminto suoritetaan sen jälkeen, kun on onnistuttu 
kirjautumaan samoilla käyttäjätunnuksilla uudestaan.',
+       'Connecting to privileged ports is not allowed.' => 'Yhteydet 
etuoikeutettuihin portteihin eivät ole sallittuja.',
+       'There is a space in the input password which might be the cause.' => 
'Syynä voi olla syötetyssä salasanassa oleva välilyönti.',
+       'Unknown error.' => 'Tuntematon virhe.',
+       'Database does not support password.' => 'Tietokanta ei tue salasanaa.',
+       'Disable %s or enable %s or %s extensions.' => 'Poista käytöstä %s tai 
ota käyttöön laajennus %s tai %s.',
 );
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/adminer-4.7.6/changes.txt 
new/adminer-4.7.7/changes.txt
--- old/adminer-4.7.6/changes.txt       2020-01-31 11:23:04.000000000 +0100
+++ new/adminer-4.7.7/changes.txt       2020-05-11 11:51:57.000000000 +0200
@@ -1,3 +1,6 @@
+Adminer 4.7.7 (released 2020-05-11):
+Fix open redirect if Adminer is accessible at //adminer.php%2F@
+
 Adminer 4.7.6 (released 2020-01-31):
 Speed up alter table form (regression from 4.4.0)
 Fix clicking on non-input fields in alter table (regression from 4.6.2)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/adminer-4.7.6/plugins/login-ip.php 
new/adminer-4.7.7/plugins/login-ip.php
--- old/adminer-4.7.6/plugins/login-ip.php      2020-01-31 11:23:04.000000000 
+0100
+++ new/adminer-4.7.7/plugins/login-ip.php      2020-05-11 11:51:57.000000000 
+0200
@@ -29,7 +29,7 @@
                                }
                                if ($_SERVER["HTTP_X_FORWARDED_FOR"]) {
                                        foreach ($this->forwarded_for as 
$forwarded_for) {
-                                               if 
(strncasecmp(preg_replace('~.*, *~', '', $_SERVER["HTTP_X_FORWARDED_FOR"]), 
$forwarded_for, strlen($forwarded_for))) {
+                                               if 
(strncasecmp(preg_replace('~.*, *~', '', $_SERVER["HTTP_X_FORWARDED_FOR"]), 
$forwarded_for, strlen($forwarded_for)) == 0) {
                                                        return true;
                                                }
                                        }
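Review bot: The corrected `if` still does a raw string-prefix comparison, so an allow-list entry such as `10.1` (constructed example) also accepts `10.10.0.5`. The plugin documentation or a comment here should require entries to end at a separator, or the check should compare whole addresses or ranges. Since `strncasecmp()` returns an int, the strict form `... strlen($forwarded_for)) === 0) {` states the intent without type juggling. The value compared is the last comma-separated element of `X-Forwarded-For`, which is only trustworthy if Adminer is reachable solely through a proxy that sets that header; a comment should record the assumption. The enclosing method starts and ends outside this hunk.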

