Hello community, here is the log from the commit of package phpMyAdmin for openSUSE:Factory checked in at 2014-08-20 17:51:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/phpMyAdmin (Old) and /work/SRC/openSUSE:Factory/.phpMyAdmin.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "phpMyAdmin" Changes: -------- --- /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin.changes 2014-08-01 07:08:32.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.phpMyAdmin.new/phpMyAdmin.changes 2014-08-20 17:52:06.000000000 +0200 @@ -1,0 +2,22 @@ +Tue Aug 19 21:46:14 UTC 2014 - ch...@computersalat.de + +- fix changes file + * add missing PMASA / CVE info + +------------------------------------------------------------------- +Mon Aug 18 18:13:29 UTC 2014 - andreas.stie...@gmx.de + +- fix for bnc#892401 + * update to 4.2.7.1 + * PMASA-2014-8 ( CVE-2014-5273, CWE-661 CWE-79) + http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php + - sf#4501 [security] XSS in table browse page + - sf#4502 [security] Self-XSS in enum value editor + - sf#4503 [security] Self-XSSes in monitor + - sf#4504 [security] Self-XSS in query charts + - sf#4517 [security] XSS in relation view + * PMASA-2014-9 ( CVE-2014-5274, CWE-661 CWE-79) + http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php + - sf#4505 [security] XSS in view operations page + +------------------------------------------------------------------- @@ -32 +54,3 @@ - - sf#4486 [security] XSS injection due to unescaped table + - fix for PMASA-2014-4 ( CVE-2014-4954, CWE-661, CWE-79 ) + http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php + * sf#4486 [security] XSS injection due to unescaped table @@ -34 +58,3 @@ - - sf#4488 [security] XSS injection due to unescaped table name + - fix for PMASA-2014-5 ( CVE-2014-4955, CWE-661, CWE-79 ) + http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php + * sf#4488 [security] XSS injection due to unescaped table name @@ -36,2 +62,6 @@ - - sf#4492 [security] XSS in AJAX confirmation messages - - sf#4491 [security] Missing validation for accessing User + - fix for PMASA-2014-6 ( CVE-2014-4986, CWE-661, CWE-79 ) + http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php + * sf#4492 [security] XSS in AJAX confirmation messages + - fix for PMASA-2014-7 ( CVE-2014-4987, CWE-661 ) + http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php + * sf#4491 [security] Missing validation for accessing User @@ -65,0 +96,2 @@ + * fix for PMASA-2014-3 ( CVE-2014-4349, CWE-661, CWE-79 ) + http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php @@ -67,0 +100,2 @@ + * fix for PMASA-2014-2 ( CVE-2014-4348, CWE-661, CWE-79 ) + http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php Old: ---- phpMyAdmin-4.2.7-all-languages.tar.bz2 New: ---- phpMyAdmin-4.2.7.1-all-languages.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ phpMyAdmin.spec ++++++ --- /var/tmp/diff_new_pack.OZtmSl/_old 2014-08-20 17:52:07.000000000 +0200 +++ /var/tmp/diff_new_pack.OZtmSl/_new 2014-08-20 17:52:07.000000000 +0200 @@ -34,7 +34,7 @@ Summary: Administration of MySQL over the web License: GPL-2.0+ Group: Productivity/Networking/Web/Frontends -Version: 4.2.7 +Version: 4.2.7.1 Release: 0 Url: http://www.phpMyAdmin.net Source0: http://sourceforge.net/projects/phpmyadmin/files/%{name}-%{version}-all-languages.tar.bz2 ++++++ phpMyAdmin-4.2.7-all-languages.tar.bz2 -> phpMyAdmin-4.2.7.1-all-languages.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin-4.2.7-all-languages.tar.bz2 /work/SRC/openSUSE:Factory/.phpMyAdmin.new/phpMyAdmin-4.2.7.1-all-languages.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
