[Phpmyadmin-git] [SCM] phpMyAdmin branch, MAINT_3_4_6, updated. RELEASE_3_4_5-40-gca597dc

Dieter Adriaenssens Tue, 04 Oct 2011 10:17:40 -0700

The branch, MAINT_3_4_6 has been updated
       via  ca597dc423f3eebcca95ff33b088a03e39109115 (commit)
      from  1af420e22367ae72ff4091adb1620e59ddad5ba6 (commit)



- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                    |    2 +-
 setup/frames/servers.inc.php |    4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 020aef3..c9fc16d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,7 +21,7 @@ phpMyAdmin - ChangeLog
 - patch #3314626 [display] CharTextareaRows is not respected
 - bug #3417089 [synchronize] Extraneous db choices
 - [security] Fixed local path disclosure vulnerability, see PMASA-2011-15
-- [security] Fixed XSS in setup (verbose parameter)
+- [security] Fixed XSS in setup (host/verbose parameter), see PMASA-2011-16
 
 3.4.5.0 (2011-09-14)
 - bug #3375325 [interface] Page list in navigation frame looks odd
diff --git a/setup/frames/servers.inc.php b/setup/frames/servers.inc.php
index 081c416..8d04966 100644
--- a/setup/frames/servers.inc.php
+++ b/setup/frames/servers.inc.php
@@ -26,7 +26,7 @@ $server_exists = !empty($id) && $cf->get("Servers/$id") !== 
null;
 
 if ($mode == 'edit' && $server_exists) {
     $page_title = __('Edit server')
-        . ' ' . $id . ' <small>(' . $cf->getServerDSN($id) . ')</small>';
+        . ' ' . $id . ' <small>(' . htmlspecialchars($cf->getServerDSN($id)) . 
')</small>';
 } elseif ($mode == 'remove' && $server_exists) {
     $cf->removeServer($id);
     header('Location: index.php');
@@ -45,4 +45,4 @@ foreach ($forms['Servers'] as $form_name => $form) {
     $form_display->registerForm($form_name, $form, $id);
 }
 process_formset($form_display);
-?>
\ No newline at end of file
+?>


hooks/post-receive
-- 
phpMyAdmin

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Phpmyadmin-git mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/phpmyadmin-git

[Phpmyadmin-git] [SCM] phpMyAdmin branch, MAINT_3_4_6, updated. RELEASE_3_4_5-40-gca597dc

Reply via email to