Hello community, here is the log from the commit of package phpMyAdmin for openSUSE:Factory checked in at 2016-06-25 02:23:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/phpMyAdmin (Old) and /work/SRC/openSUSE:Factory/.phpMyAdmin.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "phpMyAdmin" Changes: -------- --- /work/SRC/openSUSE:Factory/phpMyAdmin/phpMyAdmin.changes 2016-05-30 09:59:14.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.phpMyAdmin.new/phpMyAdmin.changes 2016-06-25 02:23:37.000000000 +0200 @@ -1,0 +2,55 @@ +Thu Jun 23 12:10:01 UTC 2016 - ch...@computersalat.de + +- update to 4.6.3 (2016-06-23) + * gh#12249 Fixed cookie path on Windows + * gh#12279 Fixed error reporting on connect problems + * gh#12290 Fixed export of tables without explicitly set engine + * gh#12285 Designer JavaScript error: Show/Hide tables list + * gh#12293 Fix MySQL SSL connection with some PHP versions + * gh#12279 Fix MySQL connection error on version mismatch + * gh#12281 Keep user attributes (privileges, authentication mode, etc) when copying a user + * gh#12308 Fix division by zero in case of misconfigured MySQL server + * gh#12317 Fix editing server variables + * gh#12303 Fix table size calculation in some circumstances + * gh#12310 Fix listing routines for non privileged user + * issue Escape generated query in exporting a database + * issue Setup script did not properly use input type password for some input types +- fix for boo#986154 + * PMASA-2016-17 (CVE-2016-5701, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-17/ + - BBCode injection vulnerability + * PMASA-2016-18 (CVE-2016-5702, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-18/ + - Cookie attribute injection attack + * PMASA-2016-19 (CVE-2016-5703, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-19/ + - SQL injection attack + * PMASA-2016-20 (CVE-2016-5704, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-20/ + - XSS on table structure page + * PMASA-2016-21 (CVE-2016-5705, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-21/ + - Multiple XSS vulnerabilities + * PMASA-2016-22 (CVE-2016-5706, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-22/ + - DOS attack + * PMASA-2016-23 (CVE-2016-5730, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-23/ + - Multiple full path disclosure vulnerabilities + * PMASA-2016-24 (CVE-2016-5731, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-24/ + - XSS through FPD + * PMASA-2016-25 (CVE-2016-5732, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-25/ + - XSS in partition range functionality + * PMASA-2016-26 (CVE-2016-5733, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-26/ + - Multiple XSS vulnerabilities + * PMASA-2016-27 (CVE-2016-5734, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-27/ + - Unsafe handling of preg_replace parameters + * PMASA-2016-28 (CVE-2016-5739, CWE-661) + https://www.phpmyadmin.net/security/PMASA-2016-28/ + - Referrer leak in transformations + +------------------------------------------------------------------- Old: ---- phpMyAdmin-4.6.2-all-languages.tar.xz phpMyAdmin-4.6.2-all-languages.tar.xz.asc New: ---- phpMyAdmin-4.6.3-all-languages.tar.xz phpMyAdmin-4.6.3-all-languages.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ phpMyAdmin.spec ++++++ --- /var/tmp/diff_new_pack.49x5UQ/_old 2016-06-25 02:23:38.000000000 +0200 +++ /var/tmp/diff_new_pack.49x5UQ/_new 2016-06-25 02:23:38.000000000 +0200 @@ -29,7 +29,7 @@ %define ap_grp nogroup %endif Name: phpMyAdmin -Version: 4.6.2 +Version: 4.6.3 Release: 0 Summary: Administration of MySQL over the web License: GPL-2.0+ ++++++ phpMyAdmin-4.6.2-all-languages.tar.xz -> phpMyAdmin-4.6.3-all-languages.tar.xz ++++++ ++++ 3696 lines of diff (skipped)