SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for phpMyAdmin-4.7.3-317.1.noarch.rpm :
Fri Jul 28 14:00:00 2017 chrisAATTcomputersalat.de
- fix for boo#1050980

* replace mcrypt with openssl, see
https://github.com/phpseclib/phpseclib/issues/1028
- update changes (update to 4.6.6 (2017-01-23))

* add missing (CVE-Not yet available) CVE\'s

Sat Jul 22 14:00:00 2017 ecsosAATTopensuse.org
- update to 4.7.3

* gh#13447 Large multi-line query removes Export operation and
blanks query box options

* gh#13445 Fixed rendering of query results

* gh#13437 Fixed version check when not connected to a database

* gh#13465 Fixed creating relation

* gh#13475 Fixed export without backquotes

* gh#13482 Improved handling of uploaded files with open_basedir

* gh#13387 Fixed inline editing of hex values

* gh#13382 Fixed size of index edit dialog

* gh#13489 Fixed rendering SQL lint errors

* gh#13468 Avoid breakage if set_time_limit is disabled

* gh#13471 Fail if ini_set/ini_get are disabled

* gh#13436 Automatically connect using SSL when server is
configured so

* gh#13478 Fixed usage of some browser transformations

Sun Jul 2 14:00:00 2017 ecsosAATTopensuse.org
- update to 4.7.2 (2017-06-29)

* gh#13314 Make theme selection keep current server

* gh#13311 Fixed direct login for accounts without password

* gh#13316 Fixed check for mbstring.func_overload

* gh#13323 Fixed wrong encoding of table at triggers

* gh#12976 Fixed natural sorting in several places

* gh#12718 Show warning for users removed from mysql.user table

* gh#13362 Fixed loading additional javascripts

* gh#13343 Fixed editing QBE

* gh#13193 Improved documentation on user settings

* gh#13092 Gracefully handle early fatal errors in AJAX requests

* gh#13327 Fixed Incorrect NavigationTreeEnableExpansion default
value in the documentation

* gh#13008 Fixed export of database with a lot of tables

* gh#13318 Improved performance when importing with enabled
tracking

* gh#13386 Avoid PHP errors with non existing configuration on
OS X

* gh#13388 Show only supported charsets for conversion

* gh#13392 Fixed operation with session.auto_start enabled

* gh#13383 \"Create PHP code\" is broken

* gh#13189 Fixed links to resume timeouted import

Fri Jun 2 14:00:00 2017 ecsosAATTopensuse.org
- update to 4.7.1 (2017-05-25)

* gh#13132 Always execute tracking queries as controluser

* gh#13125 Focus on SQL editor after inserting field name

* gh#13133 Fixed broken links in setup

* gh#13135 Database list Tooltips: Show wrong value

* gh#13150 Fixed pagination while browsing resuls

* gh#13149 Fixed outbound links in changelog.php

* gh#13146 Do not include devel dependencies in the release

* gh#13144 Do not show New as a database in database dropdown

* gh#13130 Fixed handling of errors in AJAX requests

* gh#13152 Fixed PHP error in case of invalid table preferences

* gh#13154 Fixed PHP error on password change

* gh#13219 Fix Refresh of Process List

* gh#13182 Fix refresh of long queries

* gh#12301 Improved handling of logout with disabled
LoginCookieDeleteAll

* gh#13216 Add support for MySQL 8.0 collations

* gh#13218 Fixed rendering of phpMyAdmin logos

* gh#13234 Properly report not working sessions

* gh#13256 Fixed password check on server replication

* gh#13252 Fixed grid editing time column

* gh#13258 Fixed detection of Amazon RDS

* gh#13241 Redirect user to last page that has any tables to
display

* gh#13266 Fix link to User accounts overview page

* gh#13274 Fix error in query builder

* gh#13177 Grid editing repeats action after error

Sat Apr 22 14:00:00 2017 chrisAATTcomputersalat.de
- restore phpMyAdmin-pma.patch

* because it is NOT upstream and needed for configuration storage
- restore previous phpMyAdmin-config.patch

* merge with upstream config VAR changes
- removed $cfg[\'Servers\'][$i][\'designer_coords\']

Sat Apr 1 14:00:00 2017 ecsosAATTopensuse.org
- update to 4.7.0 (2017-03-28)

* gh#12233 [Display] Improve message when renaming database to
same name

* gh#6146 Log authentication attempts to syslog

* gh#11981 Remove support for Swekey authentication

* gh#11987 Remove code for no longer supported MSIE versions

* gh#11962 Remove embedded PHP libraries, use composer to install
them

* gh#12017 Cannot easily select multiple tables when exporting

* gh#12047 Add javascript filtering for databases

* gh#12166 More compact rendering of navigation tree

* gh#12129 Improve performance with SkipLockedTables

* gh#12173 Do not hide indexes under a slider

* Improve performance of zip file import

* gh#12196 Removed $cfg[\'ThemePath\']

* gh#6274 Add support for export user settings as config.inc.php
snippet

* gh#5555 Better report query errors while generating SQL exports

* gh#12307 Produce valid JSON on export

* gh#12325 Setup script icons broken

* gh#12378 Support IPv6 proxies

* Removed MySQL connection retry without password

* gh#12218 Allow to specify further parameters for control
connection

* gh#12162 Show charset for each table on Database structure page

* gh#12463 Incorrect link in the href of icon at Hide/Show unhide
links

* gh#12330 Shortcut for closing console

* gh#12465 Improved handling of http requests

* gh#12474 Broken links in Setup forms Navigation

* gh#12494 Can\'t add a new User

* gh#12523 Add \'token\' Parameter in all POST requests
(Fix \'Token mismatch\' errors)

* gh#12302 Improved usage of number_format

* gh#12656 Server selection not working

* gh#12543 NULL results in dataset are colored grey

* gh#12664 Create Bookmark broken

* gh#12688 Use unsigned int for storing bookmark ID

* gh#12352 Added password strength indicator

* gh#12713 Correctly handle HTTP status when doing requests

* gh#12247 Add option to delete settings from browser storage

* gh#12783 Remove unused PMA_addJSCode function

* gh#12069 Add table filtering to database structure

* gh#12799 Allow to configure signon session parameters

* gh#12854 Drop database is broken

* gh#12863 Can\'t toggle Event Scheduler on

* gh#12742 Finish removing dead code references to xls/xlsx
import and export, which was removed some time ago.

* gh#12536 Rename \"Relations\" to \"Relationships\" in many places
as it\'s the more proper term

* gh#12834 Fixed margins in central columns feature

* gh#12903 Document more export configuration options

* gh#12897 Use consistent numeric format for table overhead

* gh#12901 Use server returned table name on renaming table

* gh#12918 Always use \\r\
as newline when editing fields

* gh#12923 Fixed server side search in navigation panel

* gh#12929 Undefined index warning with ssl_ca_paths

* gh#12924 Do not show errors from OpenSSL cookie
encryption/decryption

* gh#12945 Fixed hint rendering on adding new user

* gh#12941 Fixed sorting of tables in relation view

* gh#12936 Fixed tables pagination in navigation panel

* gh#12904 Do not collapse add form for central columns if there
are none

* gh#12955 Fixed database renaming

* gh#12954 Fixed export of tracking data

* gh#12960 Enclose exports in transaction by default

* gh#12966 After adding a column ADD INDEX option won\'t be
displayed when enabling AI

* gh#12972 Better error message when Composer has not been run

* gh#12988 Do not show language selector without choices

* gh#12993 Fixed external links to php documentation

* gh#12990 Fixed error when loading favorite tables to console

* gh#12981 Improved rendering of new version information

* gh#12922 Fixed bookmarks ordering

* gh#12964 Fixed table search in navigation

* gh#12985 Fixed rendering of foreign key browsing

* gh#12957 Fixed manipulation with GIS data having zero
coordinates

* gh#12804 Fixed various designer javascript errors

* gh#12934 Fixed possible javascript error on server status page

* gh#12927 Fixed javascript error on 3NF normalization

* gh#12996 List all databses in navigation panel database
dropdown

* gh#12980 Better defaults when creating multi field foreign key

* gh#12976 Improved foreign key editor behavior

* gh#12958 Always show error reporting dialog on top

* gh#12693 Improved support for TokuDB

* gh#11231 Try harder to honor LoginCookieValidity setting

* gh#13016 and #13017 Slight improvements to the table layout of
Relation view

* gh#12345 Correctly show affected rows for LOAD DATA queries

* gh#13010 Copy database: SQL error for copying PMADB metadata

* gh#13002 Fixed OpenDocument exports

* gh#13000 Align NULL values according to the column alignment

* gh#13021 Show phpMyAdmin errors even with error_reporting
set to 0

* gh#13020 Removed warning about client and server versions
mismatch

* Hide comments on table Structure tab when no comment is set

* Fixed submission of error reports

* gh#13033 Use Referrer-Policy header to specify referrer policy

* Fixed javascript confirmation of dangerous queries

* gh#13040 Compatibility with hhvm 3.18

* gh#13031 Fixed displaying of all rows

* gh#12967 Fixed related field selection for native relations

* gh#13045 Properly escape MIME transformatoin names

* gh#13028 Always show 100% in font selector

* gh#13047 Fix query simulating for more servers

* gh#12846 Fix new version check for sites with wrongly
configured curl

* gh#12951 When exporting to Excel, the default is now to include
column names in the first row

* gh#13059 Removed debugging code

* gh#13029 Fixed table tracking for nested table groups

* gh#13053 Fixed broken links in setup

* gh#12708 Removed phpMyAdmin version from User-Agent header

* gh#13084 Do not point users to setup when it is disabled

* gh#12660 Delete only phpMyAdmin cookies on upgrade

* gh#13088 Fixed editing of rows with text primary key

* gh#13092 Do not try to sync favorite tables if configuration
storage is not enabled

* gh#13105 Fixed changing attribute for virtual field

* gh#12757 Fixed setting password on recent MariaDB with non
working plugins

* gh#12349 Fixed undefined variable on import from some formats

* gh#13103 Do not offer default names for copying/renaming
databases

* [security] Possible to bypass
$cfg[\'Servers\'][$i][\'AllowNoPassword\'], see PMASA-2017-08
- Drop patch phpMyAdmin-pma.patch because now in upstream

Mon Mar 20 13:00:00 2017 chrisAATTcomputersalat.de
- add http.inc file

* include one file for php5/php7 admin flags/values

Wed Jan 25 13:00:00 2017 chrisAATTcomputersalat.de
- 4.6.6 (2017-01-23)

* gh#12759 Fix Notice regarding \'Undefined index: old_usergroup\'

* gh#12760 Fix Notice regarding \'Undefined index: users\'

* gh#12762 Fixed parsing of SQL with BINARY function

* gh#12588 ReCaptcha now works without allow_url_fopen

* gh#12699 Show no local storage warning only on settings tab

* gh#12778 Syntax Error in Adding/Changing TIMESTAMP columns with
default value as NULL

* gh#12769 Edit/Export links are not clickable under Routines tab

* gh#12757 Fixed creating new user with older MariaDB

* gh#12784 Remove ctype installation suggestion

* gh#12780 Format button replaces all text with blank spaces

* gh#12786 Fixed database searching

* gh#12792 Fixed javascript error on new version link

* gh#12785 Add information about required and suggested extensions
to composer.json

* gh#12801 Custom header shown twice with cookie login form

* gh#12802 Custom footer not shown with auth_type http login failure

* gh#12434 Improve documentation for servers running with Suhosin

* gh#12800 Updated embedded phpSecLib to 2.0.4

* gh#12800 Fixed various issues with PHP 7.1

* gh#11816 Fixed operation with lower_case_table_names=2

* gh#12813 Fixed stored procedure execution

* gh#12826 Honor user configured connection collation

* gh#12293 Correctly report OpenSSL errors from cookie encryption

* gh#12814 DateTime won\'t allow to input length in Routine editor

* gh#12840 Fix Notice regarding \'Undefined index: row_format\' when
altering table options

* gh#12841 Fixed moving of columns with whitespace in name

* gh#12847 Fixed editing of virtual columns

* gh#12859 Changed WHERE condition to 0 instead of 1 for SQL query
window to avoid accidents

* gh#12872 Use same query for display and execution when dropping
index

* gh#12868 Fix check for user groups freatures being enabled

* gh#12876 Fix notices and warning related to dbs_to_test global

* gh#12831 Fix table formatting on Insert tab, which mostly
affected row highlighting

* gh#12495 Reintroduced phpinfo page with limited capabilities

* gh#12861 Fix renaming tables with lower_case_table_names=2

* gh#12876 Fix possible PHP error in navigation

* gh#12881 Fix database search with newer php-gettext

* gh#12894 Fix linter error on unterminated variable name

* gh#12732 Fixed filtering for active processes
- fix for boo#1021597

* PMASA-2016-44 (CVE-2016-6621, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-44/
- Multiple vulnerabilities in setup script

* PMASA-2017-1 (CVE-2017-1000013, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2017-1/
- Open redirect

* PMASA-2017-2 (CVE-2015-8980, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2017-2/
- php-gettext code execution

* PMASA-2017-3 (CVE-2017-1000014, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2017-3/
- DOS vulnerabiltiy in table editing

* PMASA-2017-4 (CVE-2017-1000015, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2017-4/
- CSS injection in themes

* PMASA-2017-5 (CVE-2017-1000016, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2017-5/
- Cookie attribute injection attack

* PMASA-2017-6 (CVE-2017-1000017, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2017-6/
- SSRF in replication

* PMASA-2017-7 (CVE-2017-1000018, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2017-7/
- DOS in replication status
- remove obsolete phpMyAdmin-12757_sql_syntax_errror.patch
- rework phpMyAdmin-config.patch

Thu Jan 19 13:00:00 2017 ecsosAATTopensuse.org
- Add Patch phpMyAdmin-12757_sql_syntax_errror.patch to fix
gh#12757 SQL syntax errror on MariaDB < 10.0.2 in check for mysql
password check plugin.
Will be fixed in 4.6.6

Tue Dec 6 13:00:00 2016 chrisAATTcomputersalat.de
- update to 4.6.5.2 (2016-12-05)

* gh#12765 Fixed SQL export with newlines
- update changes (update to 4.6.5 (2016-11-25))

* add missing (Not yet available) CVE\'s
- fix phpMyAdmin.http

Sat Nov 26 13:00:00 2016 ecsosAATTopensuse.org
- update to 4.6.5.1 (2016-11-26)
- quick fix for 4.6.5

* an issue affecting a small number of users using
$cfg[\'Servers\'][$i][\'hide_db\'] or $cfg[\'Servers\'][$i][\'only_db\'].

* an issue affecting the create table dialog where the partition
selection tool was overzealous and made it difficult to create
a new table.
- update to 4.6.5 (2016-11-25)
- security fixes

* Fix for expanding in navigation pane

* Reintroduced a simplified version of PmaAbsoluteUri directive
(needed with reverse proxies)

* Fix editing of ENUM/SET/DECIMAL field structures

* Improvements to the parser
- other fixes

* Remove potentionally license problematic sRGB profile

* gh#12459 Display read only fields as read only when editing

* gh#12384 Fix expanding of navigation pane when clicking on database

* gh#12430 Impove partitioning support

* gh#12374 Reintroduced simplified PmaAbsoluteUri configuration
directive

* Always use UTC time in HTTP headers

* gh#12479 Simplified validation of external links

* gh#12483 Fix browsing tables with built in transformations

* gh#12485 Do not show warning about short blowfish_secret if none
is set

* gh#12251 Fixed random logouts due to wrong cookie path

* gh#12480 Fixed editing of ENUM/SET/DECIMAL fields structure

* gh#12497 Missing escaping of configuration used in SQL
(hide_db and only_db)

* gh#12476 Add error checking in reading advisory rules file

* gh#12477 Add checking missing elements and confirming element
types from json_decode

* gh#12251 Automatically save SQL query in browser local storage
rather than in cookie

* gh#12292 Unable to edit transformations

* gh#12502 Remove unused paramenter when connecting to MySQLi

* gh#12303 Fix number formatting with different settings of
precision in PHP

* gh#12405 Use single quotes in PHP code

* gh#12534 Option for the dropped column is not removed from
\'after_field\' select, after the column is dropped

* gh#12531 Properly detect DROP DATABASE queries

* gh#12470 Fix possible race condition in setting URL hash

* gh#11924 Remove caching of server information

* gh#11628 Proper parsing of INSERT ... ON DUPLICATE KEY queries

* gh#12545 Proper parsing of CREATE TABLE ... PARTITION queries

* gh#12473 Code can throw unhandled exception

* gh#12550 Do not try to keep alive session even after expiry

* gh#12512 Fixed rendering BBCode links in setup

* gh#12518 Fixed copy of table with generated columns

* gh#12221 Fixed export of table with generated columns

* gh#12320 Copying a user does not copy usergroup

* gh#12272 Adding a new row with default enum goes to no selection
when you want to add more then 2 rows

* gh#12487 Drag and drop import prevents file dropping to blob
column file selector on the insert tab

* gh#12554 Absence of scrolling makes it impossible to read longer
text values in grid editing

* gh#12530 \"Edit routine\" crashes when the current user is not the
definer, even if privileges are adequate

* gh#12300 Export selective tables by-default dumps Events also

* gh#12298 Fixed export of view definitions

* gh#12242 Edit routine detail dialog does not fill \"Return length\"
field in mysql functions

* gh#12575 New index Confirm adds whitespace around the field name

* gh#12382 Bug in zoom search

* gh#12321 Assign LIMIT clause only to syntactically correct queries

* gh#12461 Can\'t Execute SQL With Sub-Query Due To \"LIMIT 0,25\"
Inserted At Wrong Place

* gh#12511 Clarify documentation on ArbitraryServerRegexp

* gh#12508 Remove duplicate code in SQL escaping

* gh#12475 Cleanup code for getting table information

* gh#12579 phpMyAdmin\'s export of a Select statment without a FROM
clause generates Wrong SQL

* gh#12316 Correct export of complex SELECT statements

* gh#12080 Fixed parsing of subselect queries

* gh#11740 Fixed handling DELETE ... USING queries

* gh#12100 Fixed handling of CASE operator

* gh#12455 Query history stores separate entry for every letter
typed

* gh#12327 Create PHP code no longer works

* gh#12179 Fixed bookmarking of query with multiple statements

* gh#12419 Wrong description on GRANT OPTION

* gh#12615 Fixed regexp for matching browser versions

* gh#12569 Avoid showing import errors twice

* gh#12362 prefs_manage.php can leave an orphaned temporary file

* gh#12619 Unable to export csv when using union select

* gh#12625 Broken Edit links in query results of JOIN query

* gh#12634 Drop DB error in import if DB doesn\'t exist

* gh#12338 Designer reverts to first saved ER after EACH relation
create or delete

* gh#12639 \'Show trace\' in Console generates JS error for functions
in query\'s trace called without any arguments

* gh#12366 Fix user creation with certain MariaDB setups

* gh#12616 Refuse to work with mbstring.func_overload enabled

* gh#12472 Properly report connection without password in setup

* gh#12365 Fix records count for large tables

* gh#12533 Fix records count for complex queries

* gh#12454 Query history not updated in console until page refresh

* gh#12344 Fixed parsing of labels in loop

* gh#12228 Fixed parsing of BEGIN labels

* gh#12637 Fixed editing some timestamp values

* gh#12622 Fixed javascript error in designer

* gh#12334 Missing page indicator or VIEWs

* gh#12610 Export of tables with Timestamp/Datetime/Time columns
defined with ON UPDATE clause with precision fails

* gh#12661 Error inserting into pma__history after timeout

* gh#12195 Row_format = fixed not visible

* gh#12665 Cannot add a foreign key - non-indexed fields not listed
in InnoDB tables

* gh#12674 Allow for proper MySQL-allowed strings as identifiers

* gh#12651 Allow for partial dates on table insert page

* gh#12681 Fixed designer with tables using special chars

* gh#12652 Fixed visual query builder for foreign keys with more
fields

* gh#12257 Improved search page performance

* gh#12322 Avoid selecting default function for foreign keys

* gh#12453 Fixed escaping of SQL parts in some corner cases

* gh#12542 Missing table name in account privileges editor

* gh#12691 Remove ksort call on empty array in PMA_getPlugins
function

* gh#12443 Check parameter type before processing

* gh#12299 Avoid generating too long URLs in search

* gh#12361 Fix self SQL injection in table-specific privileges

* gh#12698 Add link to release notes and download on new version
notification

* gh#12712 Error when trying to setup replication (fatal error in
call to an old PMA_DBI_connect function)
- fix for boo#1012271
https://www.phpmyadmin.net/security/

* Unsafe generation of $cfg[\'blowfish_secret\']
see PMASA-2016-58 (CVE ids: CVE-2016-9847, CWE-661)

* phpMyAdmin\'s phpinfo functionality is removed
see PMASA-2016-59 (CVE ids: CVE-2016-9848, CWE-661)

* AllowRoot and allow/deny rule bypass with specially-crafted
username
see PMASA-2016-60 (CVE ids: CVE-2016-9849, CWE-661)

* Username matching weaknesses with allow/deny rules
see PMASA-2016-61 (CVE ids: CVE-2016-9850, CWE-661)

* Possible to bypass logout timeout
see PMASA-2016-62 (CVE ids: CVE-2016-9851, CWE-661)

* Full path disclosure (FPD) weaknesses
see PMASA-2016-63 (CVE ids: CVE-2016-9852, CVE-2016-9853,
CVE-2016-9854, CVE-2016-9855, CWE-661)

* Multiple XSS weaknesses
see PMASA-2016-64 (CVE ids: CVE-2016-9856, CVE-2016-9857,
CWE-661, CWE-352)

* Multiple denial-of-service (DOS) vulnerabilities
see PMASA-2016-65 (CVE ids: CVE-2016-9858, CVE-2016-9859,
CVE-2016-9860, CWE-661, CW-400)

* Possible to bypass white-list protection for URL redirection
see PMASA-2016-66 (CVE ids: CVE-2016-9861, CWE-661, CWE-20,
CWE-601)

* BBCode injection to login page
see PMASA-2016-67 (CVE ids: CVE-2016-9862, CWE-661)

* Denial-of-service (DOS) vulnerability in table partitioning
see PMASA-2016-68 (CVE ids: CVE-2016-9863, CWE-661, CWE-400)

* Multiple SQL injection vulnerabilities
see PMASA-2016-69 (CVE ids: CVE-2016-9864, CWE-661, CWE-89)

* Incorrect serialized string parsing
see PMASA-2016-70 (CVE ids: CVE-2016-9865, CWE-661)

* CSRF token not stripped from the URL
see PMASA-2016-71 (CVE ids: CVE-2016-9866, CWE-661)

Sun Nov 6 13:00:00 2016 chrisAATTcomputersalat.de
- fix deps

* add missing Recommends php5-curl
- fix phpMyAdmin.http

* add

Sat Nov 5 13:00:00 2016 chrisAATTcomputersalat.de
- fix phpMyAdmin.http

Thu Aug 18 14:00:00 2016 chrisAATTcomputersalat.de
- 4.6.4 (2016-08-16)
- securitiy fixes

* Improve session cookie code for openid.php and signon.php example
files

* Full path disclosure in openid.php and signon.php example files

* Unsafe generation of BlowfishSecret (when not supplied by the user)

* Referrer leak when phpinfo is enabled

* Use HTTPS for wiki links

* Improve SSL certificate handling

* Fix full path disclosure in debugging code

* Administrators could trigger SQL injection attack against users
- other fixes

* Remove Swekey support

* Include X-Robots-Tag header in responses

* Enforce numeric field length when creating table

* Fixed invalid Content-Length in some HTTP responses

* gh#12394 Create view should require a view name

* gh#12391 Message with \'Change password successfully\' displayed,
but does not take effect

* Tighten control on PHP sessions and session cookies

* gh#12409 Re-enable overhead on server databases view

* gh#12414 Fixed rendering of Original theme

* gh#12413 Fixed deleting users in non English locales

* gh#12416 Fixed replication status output in Databases listing

* gh#12303 Avoid typecasting to float when not needed

* gh#12425 Duplicate message variable names in messages.inc.php

* gh#12399 Adding index to table shows wrong top navigation

* gh#12424 Fixed password change on MariaDB without auth plugin

* gh#12339 Do not error on unset server port

* gh#12422 Improvements to the original theme

* gh#12395 Do not try to load old transformation plugins

* gh#12423 Fixed replication status in database listing

* gh#12433 Copy table with prefix does not copy the indexes

* gh#12375 Search in database: Window content is not scrolling down
when clicking first time on Browse link

* gh#12346 SQL Editor textareas can have their size increased from
the top, distorting the page view
- fix for boo#994313
https://www.phpmyadmin.net/security/

* Weaknesses with cookie encryption
see PMASA-2016-29 (CVE-2016-6606, CWE-661)

* Multiple XSS vulnerabilities
see PMASA-2016-30 (CVE-2016-6607, CWE-661)

* Multiple XSS vulnerabilities
see PMASA-2016-31 (CVE-2016-6608, CWE-661)

* PHP code injection
see PMASA-2016-32 (CVE-2016-6609, CWE-661)

* Full path disclosure
see PMASA-2016-33 (CVE-2016-6610, CWE-661)

* SQL injection attack
see PMASA-2016-34 (CVE-2016-6611, CWE-661)

* Local file exposure through LOAD DATA LOCAL INFILE
see PMASA-2016-35 (CVE-2016-6612, CWE-661)

* Local file exposure through symlinks with UploadDir
see PMASA-2016-36 (CVE-2016-6613, CWE-661)

* Path traversal with SaveDir and UploadDir
see PMASA-2016-37 (CVE-2016-6614, CWE-661)

* Multiple XSS vulnerabilities
see PMASA-2016-38 (CVE-2016-6615, CWE-661)

* SQL injection vulnerability as control user
see PMASA-2016-39 (CVE-2016-6616, CWE-661)

* SQL injection vulnerability
see PMASA-2016-40 (CVE-2016-6617, CWE-661)

* Denial-of-service attack through transformation feature
see PMASA-2016-41 (CVE-2016-6618, CWE-661)

* SQL injection vulnerability as control user
see PMASA-2016-42 (CVE-2016-6619, CWE-661)

* Verify data before unserializing
see PMASA-2016-43 (CVE-2016-6620, CWE-661)

* SSRF in setup script
see PMASA-2016-44 (CVE-2016-6621, CWE-661)

* Denial-of-service attack with
$cfg[\'AllowArbitraryServer\'] = true and persistent connections
see PMASA-2016-45 (CVE-2016-6622, CWE-661)

* Denial-of-service attack by using for loops
see PMASA-2016-46 (CVE-2016-6623, CWE-661)

* Possible circumvention of IP-based allow/deny rules with IPv6 and
proxy server
see PMASA-2016-47 (CVE-2016-6624, CWE-661)

* Detect if user is logged in
see PMASA-2016-48 (CVE-2016-6625, CWE-661)

* Bypass URL redirection protection
see PMASA-2016-49 (CVE-2016-6626, CWE-661)

* Referrer leak
see PMASA-2016-50 (CVE-2016-6627, CWE-661)

* Reflected File Download
see PMASA-2016-51 (CVE-2016-6628, CWE-661)

* ArbitraryServerRegexp bypass
see PMASA-2016-52 (CVE-2016-6629, CWE-661)

* Denial-of-service attack by entering long password
see PMASA-2016-53 (CVE-2016-6630, CWE-661)

* Remote code execution vulnerability when running as CGI
see PMASA-2016-54 (CVE-2016-6631, CWE-661)

* Denial-of-service attack when PHP uses dbase extension
see PMASA-2016-55 (CVE-2016-6632, CWE-661)

* Remove tode execution vulnerability when PHP uses dbase extension
see PMASA-2016-56 (CVE-2016-6633, CWE-661)
- fix deps

* add missing php-gettext
- rebase phpMyAdmin-config.patch

Thu Jun 23 14:00:00 2016 chrisAATTcomputersalat.de
- update to 4.6.3 (2016-06-23)

* gh#12249 Fixed cookie path on Windows

* gh#12279 Fixed error reporting on connect problems

* gh#12290 Fixed export of tables without explicitly set engine

* gh#12285 Designer JavaScript error: Show/Hide tables list

* gh#12293 Fix MySQL SSL connection with some PHP versions

* gh#12279 Fix MySQL connection error on version mismatch

* gh#12281 Keep user attributes (privileges, authentication mode, etc) when copying a user

* gh#12308 Fix division by zero in case of misconfigured MySQL server

* gh#12317 Fix editing server variables

* gh#12303 Fix table size calculation in some circumstances

* gh#12310 Fix listing routines for non privileged user

* issue Escape generated query in exporting a database

* issue Setup script did not properly use input type password for some input types
- fix for boo#986154

* PMASA-2016-17 (CVE-2016-5701, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-17/
- BBCode injection vulnerability

* PMASA-2016-18 (CVE-2016-5702, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-18/
- Cookie attribute injection attack

* PMASA-2016-19 (CVE-2016-5703, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-19/
- SQL injection attack

* PMASA-2016-20 (CVE-2016-5704, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-20/
- XSS on table structure page

* PMASA-2016-21 (CVE-2016-5705, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-21/
- Multiple XSS vulnerabilities

* PMASA-2016-22 (CVE-2016-5706, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-22/
- DOS attack

* PMASA-2016-23 (CVE-2016-5730, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-23/
- Multiple full path disclosure vulnerabilities

* PMASA-2016-24 (CVE-2016-5731, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-24/
- XSS through FPD

* PMASA-2016-25 (CVE-2016-5732, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-25/
- XSS in partition range functionality

* PMASA-2016-26 (CVE-2016-5733, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-26/
- Multiple XSS vulnerabilities

* PMASA-2016-27 (CVE-2016-5734, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-27/
- Unsafe handling of preg_replace parameters

* PMASA-2016-28 (CVE-2016-5739, CWE-661)
https://www.phpmyadmin.net/security/PMASA-2016-28/
- Referrer leak in transformations

Sun May 29 14:00:00 2016 chrisAATTcomputersalat.de
- rebase phpMyAdmin-config.patch

Sat May 28 14:00:00 2016 ecsosAATTopensuse.org
- update to 4.6.2 (2016-05-25)
- gh#12225 Use https for documentation links
- gh#12234 Fix schema export with too many tables
- gh#12240 Avoid parsing non JSON responses as JSON
- gh#12244 Avoid using too log URLs when getting javascripts
- gh#12118 Fixed setting mixed case languages
- gh#12229 Avoid storing objects in session when debugging SQL
- gh#12249 Fix cookie path on IIS
- gh#11705 Fix occassional 200 errors on Windows
- gh#12219 Fix locking issues when importing SQL
- gh#12231 Avoid confusing warning when mysql extension is missing
- fix issue Improve handling of logout
- fix issue Safer handling of sessions during authentication
- gh#12209 Fix server selection on main page
- gh#12192 Avoid storing full error data in session
- gh#12082 Fixed export of ARCHIVE tables with keys
- gh#11565 Add session reload for config authentication
- gh#12229 Do not fail on errors stored in session
- gh#12248 Fix loading of APC based upload progress bar
- remove PmaAbsoluteUri from phpMyAdmin-config.patch because since
version 4.6.0 it is remove
- Security fixes:

* PMASA-2016-14 (CVE-2016-5097, CWE-661, boo#982126)
https://www.phpmyadmin.net/security/PMASA-2016-14/
- User SQL queries can be revealed through URL GET parameters,
see PMASA-2016-14

* PMASA-2016-16 (CVE-2016-5099, CWE-661, boo#982128)
https://www.phpmyadmin.net/security/PMASA-2016-16/
- Self XSS vulneratbility, see PMASA-2016-16

Mon May 9 14:00:00 2016 chrisAATTcomputersalat.de
- phpMyAdmin 4.6.1:

* Problems with SQL syntax warnings from the linter/parser

* Fixing an error about \"PMA_Util\" not found

* Better handling of JSON columns

* Fixed quoting with the SQL parser, which in particular adversely
affected SQL imports and exports

Thu Mar 24 13:00:00 2016 astiegerAATTsuse.com
- phpMyAdmin 4.6.0:

* Allow setting routine-wise privileges

* UI for defining partitioning in create table window

* Support JSON data type

* Editing partitions in table Structure

* Copy results to clipboard

* Reactivate cut&paste possibility in print view

* Display binary strings as text if they are valid UTF-8

* Copy multiple tables to database

* Show MySQL error messages in user language

* Add new configuration directive \'ssl_verify\' for self-signed
certificates with mysqlnd and PHP >= 5.6

* Remove ForceSSL and PmaAbsoluteUri configuration directives
(these are better handled by proper webserver configuration)

* Fixed several bugs relating to exporting, particularly with
DEFAULT and COMMENT fields

Tue Mar 1 13:00:00 2016 astiegerAATTsuse.com
- phpMyAdmin 4.5.5.1:
The following vulnerabilities were fixed:

* CVE-2016-2559: XSS vulnerability in SQL parser (PMASA-2016-10 boo#968940)

* CVE-2016-2560: Multiple XSS vulnerabilities (PMASA-2016-11 boo#968938)

* CVE-2016-2561: Multiple XSS vulnerabilities (PMASA-2016-12 boo#968941)

* CVE-2016-2562: Vulnerability allowing man-in-the-middle attack on API call to GitHub (PMASA-2016-13 boo#968928)
The following upstream bugs were fixed:

* CREATE UNIQUE INDEX index type is not recognized by parser.

* Row count wrong when grouping joined tables.

* Column definition with default value and comment in CREATE TABLE expoerted faulty.

* New statement but no delimiter and unexpected token with REPLACE.

* Fixed incorrect usage of SQL parser context in SQL export

* Fixed inclusion of gettext library from SQL parser

Wed Feb 24 13:00:00 2016 astiegerAATTsuse.com
- phpMyAdmin 4.5.5

* improvements to changing passwords on newer MariaDB servers

* several fixes to the SQL parser

Sat Jan 30 13:00:00 2016 ecsosAATTopensuse.org
- update to 4.5.4.1 (2016-01-28)
- gh#11892 Error with PMA 4.4.15.3
- gh#11896 Remove hard dependency on phpseclib

Thu Jan 28 13:00:00 2016 astiegerAATTsuse.com
- phpMyAdmin 4.5.4
The followinng vulnerabilities were fixed: (boo#964024)

* CVE-2016-2038: Multiple full path disclosure vulnerabilities

* CVE-2016-2039: Unsafe generation of XSRF/CSRF token

* CVE-2016-2040: Multiple XSS vulnerabilities

* CVE-2016-1927: Insecure password generation in JavaScript

* CVE-2016-2041: Unsafe comparison of XSRF/CSRF token

* CVE-2016-2042: Multiple full path disclosure vulnerabilities

* CVE-2016-2043: XSS vulnerability in normalization page

* CVE-2016-2044: Full path disclosure vulnerability in SQL parser

* CVE-2016-2045: XSS vulnerability in SQL editor
- update upstream singing keyring

Sun Jan 10 13:00:00 2016 astiegerAATTsuse.com
- 4.5.x package was missing template - fix boo#961285

Wed Jan 6 13:00:00 2016 chrisAATTcomputersalat.de
- fix for boo#960854

* add missing dependency of php-json

Mon Jan 4 13:00:00 2016 astiegerAATTsuse.com
- phpMyAdmin 4.5.3.1:

* Minimum requirement is PHP 5.5
- Highlights of the 4.5.x.x series:

* Improvements to the Console feature

* Include structure in PDF export

* Validate data before import

* Support CHECKSUM TABLE operation

* Improved operations regarding partitions

* Alter privileges when renaming or copying a database or table

* Several improvements related to speed and responsiveness

* Improved print view

* Use CTRL or ALT plus arrow keys to navigate in grid editor

* Use plain-English destinations for
$cfg[\'NavigationTreeDefaultTabTable\'], $cfg[\'DefaultTabServer\'],
$cfg[\'DefaultTabDatabase\'], and $cfg[\'DefaultTabTable\'].
The old style values will still work, but this makes it easier for
new users to easily understand the destination links.

* Integrate SQL debugging into Console

* Restore row editing when no unique/primary key exists

* Allow exporting one file per table and one file per database

* Improvements to using multiple servers with the auth_type cookie

* Support virtual columns (MySQL 5.7.5+)

* Add or improve support for several MariaDB features including
process list and virtual/persistent columns

* Improved handling of cached data when upgrading phpMyAdmin

* Add SHA256 security password support

Tue Dec 29 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.15.2 (2015-12-25)
- Security fixes:

* PMASA-2015-5 (CVE-2015-8669, CWE-661 CWE-200) boo#960282
https://www.phpmyadmin.net/security/PMASA-2015-6/
- [Security] Path disclosure, see PMASA-2015-6

Mon Oct 26 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.15.1 (2015-10-23)
- gh#11464 phpMyAdmin suggests upgrading to newer version not
usable on that system
- Security fixes: [boo#951960]

* PMASA-2015-5 (CVE-2015-7873, CWE-661 CWE-20)
https://www.phpmyadmin.net/security/PMASA-2015-5/
- fix issue [security] Content spoofing on url.php

Sun Sep 20 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.15 (2015-09-20)
- gh#11411 Undefined \"replace\" function on numeric scalar
- gh#11421 Stored-proc / routine - broken parameter parsing
- fix issue Missing name for configuration read_as_multibytes
- gh#11431 Incorrect \"No row selected\" message
- gh#11447 MySQL 5.5 and the language system variable
- gh#11452 Semantics of export and import icons are mixed up
- gh#11451 Designer-Bug in move.js on multiple server
configuration
- gh#11458 Invalid UTF-8 sequence in argument
- gh#11457 Request URI too large
- fix issue Invalid argument supplied for foreach()
- gh#11461 Foreign key constraints for InnoDB tables with
upper-case letters disabled
- gh#11487 Warning when entering Query page
- change entrys in changelog from sf to gh from 4.13.0 to now

Thu Sep 17 14:00:00 2015 ecsosAATTopensuse.org
- boo#945999 enable required apache modules in spec at install

Fri Sep 11 14:00:00 2015 ecsosAATTopensuse.org
- update 4.4.14.1 (2015-09-08)
- Security fixes: [boo#945420]

* PMASA-2015-4 (CVE-2015-6830, CWE-661 CWE-307)
https://www.phpmyadmin.net/security/PMASA-2015-4/
- fix issue [security] reCaptcha bypass

Tue Aug 25 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.14 (2015-08-20)
- gh#11367 Export after search, missing WHERE clause
- gh#11380 Incomplete message after import
- fix issue Incorrect scalar type declaration
(reported under PHP 7)
- gh#11389 ReCaptcha produces deprecated messages under PHP 7
- gh#11387 phpseclib < 2.0 produces deprecated messages on PHP 7
- gh#11404 \"Switch to copied table\" doesn\'t work
- gh#11406 Missing quotes after calling \"distinct values\"
- gh#11386 Cannot import database with long data in one column
- gh#11410 SPATIAL index option is not clickable

Sun Aug 9 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.13.1 (2015-08-08)
- gh#11368 SQL error when importing phpMyAdmin dump file

Sat Aug 8 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.13 (2015-08-07)
- gh#1808 \"Improve table structure\" generates invalid SQL
- fix issue Once checked \"Show only active\" checkbox is always
checked
- gh#1813 Delete rows using \"Check All\" is broken
- fix issue Fix PHP 7 possible binding ambiguity
- gh#11326 Exported schema includes all the tables of the
database
- gh#11339 Results not displayed if query ends in delimiter and
comment
- gh#11320 Live edit of data fields is not working always
- fix issue Table list in navigation collapses when entering into
a table in another page
- gh#11364 JS error while trying to auto navigate to db structure
page when db creation has failed

Tue Jul 21 14:00:00 2015 mciharAATTsuse.cz
- Apache configuration compatible with both 2.2 and 2.4

Mon Jul 20 14:00:00 2015 mciharAATTsuse.cz
- update to 4.4.12 (2015-07-20)
- Saved chart image does not have a proper name or an extension
- sf#4976 Timepicker CSS issues in Original theme
- sf#4975 Move/Copy/Rename operations on Table/Db fail on Drizzle server
- sf#4826 Two inline edit windows
- sf#4979 Problem when import
*.ods file
- Add missing head tag
- sf#4985 Column headers move when scrolling
- use smaller xz compressed archive
- update Apache configuration to be compatible with 2.4

Wed Jul 8 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.11 (2015-07-06)
- fix bug Missing selected/entered values when editing active
options in visual query builder
- sf#4969 Autoload from prefs_storage not behaving properly
- sf#4972 Incorrect length computed for binary data
- fix bug Remove character set from create_tables_drizzle.sql
- sf#4973 Users overview needs clarification
- sf#4974 Creating a database from console doesn\'t update
navigation panel
- sf#4844 FAQ 1.17 needs an update
- change sourcepath in spec

Thu Jul 2 14:00:00 2015 mciharAATTsuse.cz
- switch upstream url to https
- include signed release together with keyring to verify signatures

Wed Jun 17 14:00:00 2015 ecsosAATTopensuse.org
- add missing sql-scripts to doc

Wed Jun 17 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.10 (2015-06-17)
- sf#4950 Issues in database selection for replication
- sf#4951 Trying to save chart as image crashes the browser
- sf#4953 cant drag sql.gz file onto import input
- sf#4960 Table creation results in GET request with missing
server parameter that invalidates the session
- sf#4961 Javascript error when Designer is opened
- sf#4962 Insert by foreign key scrolls page to top
- sf#4955 Clicking on the navi logo does not always work
- fix bug External URL for $cfg[\'NavigationLogoLink\'] causes
JavaScript error when clicked

Fri Jun 5 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.9 (2015-06-04)
- sf#4920 relation view doesn\'t list fields of table in other
database
- sf#4905 Sorting by an alias
- sf#4931 False error before entering reCAPTCHA
- sf#4909 central column with multiple server
- sf#4937 Custom export with backquotes off is not working
- sf#4908 Reverse proxy: infinite internal redirect
(added warning in doc)
- sf#4942 Export to gzip saves plain text under Chrome

Thu May 28 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.8 (2015-05-28)
- fix bug Allow accessing visual query builder when pmadb is not
configured
- sf#4893 Nav tree line alignment issue
- sf#4911 Lock page icon is not shown after fresh reload
- sf#4912 \"Highlight pointer\" and \"Row marker\" doesn\'t work
properly
- fix bug Browse foreigners window goes out of the window
- sf#4918 Date field popup dialog position bug
- fix bug In /setup, PMA_messages is not defined
- sf#4924 Recaptcha failure
- sf#4930 Database copy doesn\'t work for tables with more than
one FULLTEXT index
- sf#4929 Edit view structure doesn\'t load the algorithm
- sf#4923 Do not limit table comments to 60 characters

Sat May 16 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.7 (2015-05-16)
- sf#4876 Settings issues (Favorite tables shown twice in
Settings)
- sf#4896 Non-styled error page when following results link
- sf#4894 Deleting without confirmation
- sf#4858 Issues with SQL autocomplete
- sf#4897 Column hint in SQL autocomplete is sometimes not shown
- sf#4898 JS error after selecting a field and press Enter
- fix bug Honor proxy settings when getting Git commit
information
- fix bug Missing title on link
- sf#4512 ForceSSL Redirect Check
- fix bug Undefined index collation_connection
- fix bug Error when the reporting server is down
- fix bug Escape database and table names for partition
maintenance
- fix bug Invalid value for CURLOPT_SSL_VERIFYPEER
- sf#4367 Import status infinite loop
- sf#4902 Designer: Loading does not work
- sf#4904 Setup: Overview > Display does not work
- sf#4906 Designer: pages from all databases

Wed May 13 14:00:00 2015 ecsosAATTopensuse.org
- update 4.4.6.1 (2015-05-13)
This update fixes several vulnerabilities
- Security fixes:

* PMASA-2015-2 (CVE-2015-3902, CWE-661 CWE-352)
http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php
- sf#4899 [security] CSRF vulnerability in setup

* PMASA-2015-3 ( CVE-2015-3903, CWE-661 CWE-295)
http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php
- sf#4900 [security] Vulnerability allowing man-in-the-middle
attack

Thu May 7 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.6 (2015-05-07)
- sf#4890 webkitStorageInfo and webkitIndexedDB is deprecated
- sf#4892 Undefined variable: unique_conditions
- sf#4891 CSV Import ignores \"Replace table data with file\"
checkbox

Tue May 5 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.5 (2015-05-05)
- fix bug Table overhead stats: missing space before the unit
- fix bug Fix resize icon in Designer
- sf#4879 Exit fullscreen in Designer does not change
the button text
- sf#4880 Designer icons missing when using original theme
- sf#4878 Column list of central columns is not cleared
- sf#4881 jQuery dialogs of the Designer are not displayed in
fullscreen
- sf#4883 Search function breaks when searching for certain
combinations of backslashes and slashes
- sf#4830 Maximum execution time exceeded in Util.class.php
(better fix)
- sf#4885 Some icons are above the overlay of jQuery dialogs
- sf#4886 Clicking on external links in advisor rules give
JS error
- sf#4888 Filter in central columns does not work in other
languages

Sun Apr 26 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.4 (2015-04-26)
- sf#4863 Edit vs Change
- sf#4859 Don\'t scroll (to bottom) when editing multiple rows
- sf#4862 Misaligned Inline edit field
- sf#4861 Use of undefined constant PMA_DRIZZLE
- sf#4865 sprintf(): Too few arguments
- sf#4866 Limit column ordering in index edit dialog
- sf#4867 Incorrect ALTER TABLE statement generated
- sf#4870 Inconsistency in \'Ignore\' checkbox in insert page
- sf#4869 Drop column action not asking to confirm
- sf#4871 Error on creating table
- fix bug Undefined index: Rows

Mon Apr 20 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.3 (2015-04-20)
- sf#4851 PHP errors in login dialogue
- sf#4845 White screen (Cloudflare)
- sf#4207 json_encode error due to strftime returning non utf8
chars in Windows 8.1 Chinese version
- sf#4794 Server error viewing table content
- fix bug Fix issues related to number of decimal places in time
- sf#4853 Relation view between 1600 and 1780 px
- fix bug PHP 7 compatibility in php-gettext
- fix bug PHP 7 compatibility in bfShapeFiles
- fix bug PHP 7 session_regenerate_id() warning
- sf#4857 Alter table after changing column name error
- sf#4830 Maximum execution time exceeded in Util.class.php

Mon Apr 13 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.2 (2015-04-13)
- sf#4835 PMA_hideShowConnection not called after
submit_num_fields
- sf#4836 Server warning after moving from console to
direct clicks
- sf#4837 Duplicate new version notification when using
the \"Back\" button
- sf#4839 DOC link in setting is broken
- sf#4841 Status page: Mislukte pogingen per uur value is
incorrect
- fix bug MIME Transformation link fixed
- sf#4838 Prevents console window from moving out of the
screen height
- sf#4829 Create procedure via SQL Editor not more possible
- sf#4833 CSS and Javascript are not compressed
- sf#4849 Functions accessed from navigation do not load on
ajax dialog
- sf#4850 Relation view on 1920

Sat Apr 11 14:00:00 2015 ecsosAATTopensuse.org
- update 4.4.1.1 (2015-04-08)
- sf#4846 Web server\'s error log is flooded
- changes from 4.4.1 (2015-04-07)
- sf#4813 MySQL 5.7.6 and the Users menu tab
- sf#4818 MySQL 5.7.6 and changing the password for another user
- sf#4819 Request URI too large
- sf#4814 MySQL 5.7.6 and Databases
- fix bug Use \'server\' parameter in console to work in multi
server environments
- fix bug Missing tooltip in monitor
- fix bug Missing sort icons in monitor
- sf#4805 Inline edit broken when using functions in query
- sf#4821 Timed-out import fails to restart when file represented
- sf#4754 pMA DB not detected properly
- sf#4825 Datepicker missing when changing number of rows on
Insert page
- sf#4824 INNODB STATUS page is empty
- sf#4828 JavaScript is loaded in wrong order
- sf#4827 TEXT formatting doesn\'t work after inline editing
- sf#4822 Compress when php.ini output_buffering is active
- sf#4832 Sorting distinct values result loses links
- sf#4834 Do not attach token to css requests to improve caching

Fri Apr 3 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.4.0 (2015-04-01)
+ rfe #1553 InnoDB presently supports one FULLTEXT index creation
at a time
+ rfe #1562 Allow tracking multiple table at once from database
level tracking page
+ rfe #1564 Improve action message on Tracking page
+ rfe #1566 Change value of \"Number of rows:\" when \"Show all\"
is checked
+ rfe Focus console by clicking on white space
+ rfe #1507 Part 1: Cycle through console history with keyboard
up/down arrows
+ rfe #1579 Default to primary key when adding relation
+ rfe #1572 User prefs: Diff-friendly JSON for config
+ rfe #1567 Sever Variables Table UI Improvements
- sf#4675 phpMyAdmin should be able to work without \'examples\'
DIR - move SQL scripts to sql directory
+ rfe #1578 Warn about reserved word only when a column is
created
+ rfe #1590 Recaptcha API v2
+ rfe #1580 Individual Zeroconf PMA tables support
+ rfe #1525 Generate keys one per line
+ rfe #347 allow table with transformed column anywhere in
FROM clause
+ rfe #1591 Shortcut link to search page
+ rfe #1568 Fold Add Column After / Before into dropdown
- sf#4705 Table structure: adding primary key doesn\'t refresh
page
+ rfe #1582 SQL formatter
+ rfe #1597 Fast filter improvement: remove
\"x other results found\"
- sf#4720 No error message on Missing extension mbstring
+ rfe #801 Builtin transformations and relations
+ rfe #767 USING BTREE support for HEAP/MEMORY tables
+ rfe #1596 Make \"Options > Relational\" configurable
+ rfe #719 More details in PDF relation view
+ rfe #1096 Cannot enter connection for federated engine table
+ rfe #954 Allow SALT in ENCRYPT function
+ rfe #1260 Setting LoginCookieValidity > session.gc_maxlifetime
+ rfe Transformation for JSON
- bug Fix isCanvasSupported for new window
+ rfe #1600 Clarify the \"Inline\" link
+ rfe #1179 Speed up slow triggers by using EVENT_OBJECT_SCHEMA
+ rfe #1192 ON DUPLICATE KEY UPDATE for loading CSV
- bug fix Cannot execute command from console
(multi-server installation)
+ rfe #1208 linking from information_schema
+ rfe #1235 Relation view: move to main \"Structure\" page
+ rfe #1558 Designer menu with explicit text
+ rfe #937 Relations with views like with tables
+ rfe #1241 Browse Field -> Search
+ rfe #723 Provide sanity check for table/column names
(table names)
+ rfe #1312 SessionTimeZone configuration directive
- bug fix Add missing confirmation when deleting tracking report
entries
+ rfe Ability to disable foreign key check when emptying tables
+ rfe #1549 Reset auto-increment when exporting structure
+ rfe #1602 Recover query in redaction after session end
+ rfe #1605 After database creation, go to database structure
page
+ rfe #1604 Show PHP version
- sf#4770 Multiple delete on table browse ignoring foreign key
checkbox
+ rfe CodeMirror based SQL editor as an input transformation
+ rfe #1275 CodeMirror based JSON editor as an input
transformation
+ rfe #685 Editor for HTML content
+ rfe #1595 make professional code editor suggestion
+ rfe #1606 processlist filter
+ rfe Change tracking activation status from db level tracking
page
+ rfe #1207 Export users associated with a specific
schema/database
+ rfe #1575 \"Disable database expansion\" : unclear directive name
and explanation
+ rfe #1607 Tool tip for lock icon when making changes to a page
+ rfe #1327 Hide \'Add user\' link if user does not have privileges
+ rfe #501 Support for SSL GRANT option
+ rfe #1608 Central columns allowing setting SIGNED / UNSIGNED
attribute for integer
+ rfe #1441 Add regexp match when using AllowArbitraryServer
- sf#4806 Unable to work with two different servers in two tabs
- fix incorrect fsf-address
- change pma.patch

Sun Mar 29 14:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.13 (2015-03-29)
- sf#4803 \"Show hidden items\" is sometimes hidden
- sf#4807 Breaks when sorting by multiple columns
while using UNION
- sf#4798 Missing column when exporting in sql
- sf#4810 Broken find and replace
- sf#4804 Undefined Index after export schema
- sf#4802 Changelog page is not working
- sf#4815 Infinite calls to index.php
- sf#4820 Invalid links to dev.mysql.com
- sf#4718 simulate query fails, but actual query does not

Sat Mar 14 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.12 (2015-03-14)
- sf#4746 Right-aligned columns have left-aligned header
- sf#4779 PMA_Util::parseEnumSetValues fails on enums with UTF-8
values
- fix bug Undefined index savedsearcheswork
- sf#4788 Inline edit of DATE fields with NULL, NULL checkbox is
under datepicker
- sf#4790 DROP TABLE/VIEW IF EXISTS are not tracked
- fix bug Compatibility with central columns of version 4.4
- sf#4758 Firefox with auth_type to http with multiple server
doesn\'t work anymore
- sf#4789 Views aren\'t dropped when copying a database
- sf#4784 Incomplete bookmark saving
- sf#4786 SELECT width on relations page

Wed Mar 4 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.11.1 (2015-03-04)
This update fixes several vulnerabilities
- Security fixes:

* PMASA-2015-1 (CVE-2015-2206, CWE-661 CWE-352) [boo#920773]
http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php
- fix bug [security] Risk of BREACH attack

Wed Mar 4 13:00:00 2015 ecsosAATTopensuse.org
- fix error displayed in Status/Advisor and not functional display
of cpu and memory under Status/Monitor/

Tue Mar 3 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.11 (2015-03-02)
- sf#4774 SQL links are completely wrong
- sf#4768 MariaDB: version mismatch
- sf#4777 Some images are missing in Designer for original theme
- sf#4767 Drizzle: undefined index in mysql_charsets.inc.php
- sf#4753 Normal field and multi-line field have different
margins
- sf#4760 Cannot re-import settings from local storage
- sf#4778 SQL error when database list is sorted by additional
columns
- sf#4780 Notice when timestamp column does not have default
value

Fri Feb 20 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.10 (2015-02-20)
- fix bug Undefined index navwork
- sf#4744 Opening console scroll down the page
- fix bug Remove extra column heading in view structure page
- fix bug Add missing confirmation when deleting central columns
- fix bug Undefined index DisableIS
- sf#4763 Database export with more than 512 tables fails
- sf#4769 Previously set column aliases are destroyed if returned
to the same table
- sf#4752 Incorrect page after creating table
- sf#4771 Central Columns not working, showing error

Fri Feb 6 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.9 (2015-02-05)
- sf#4728 Incorrect headings in routine editor
- sf#4730 Notice while browsing tables when phpmyadmin
pma database exists, but not all the tables
- sf#4729 Display original field when using \"Relational display
column\" option and display column is empty
- sf#4734 Default values for binary fields do not support
binary values
- sf#4736 Changing display options breaks query highlighting
- fix bug Undefined index submit_type
- sf#4738 Header lose align when scrolling in Firefox
- sf#4741 in ./libraries/Advisor.class.php#184 vsprintf():
Too few arguments
- sf#4743 Unable to move cursor with keyboard in filter rows box
- fix bug Incorrect link in doc
- sf#4745 Tracking does not handle views properly
- sf#4706 Schema export doesn\'t handle dots in db/table name
- sf#3935 Table Header not displayed correct (Safari 5.0.5 Mac)
- sf#4750 Disable renaming referenced columns
- sf#4748 Column name center-aligned instead of left-aligned
in Relations

Sat Jan 24 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.8 (2015-01-24)
- fix bug Undefined constant PMA_DRIZZLE
- sf#4712 Wrongly positioned date-picker while Grid-Editing
- sf#4714 Forced ORDER BY for own sql statements
- sf#4721 Undefined property: stdClass::$version
- sf#4719 \'only_db\' not working
- sf#4700 Error text: Internal Server Error
- sf#4722 Incorrect width table summary when favorite tables
is disabled
- sf#4716 Collapse all in navigation panel is sometimes broken
- sf#4724 Cannot navigate in filtered table list
- sf#4717 Database navigation menu broken when resolution/screen
is changing
- sf#4727 Collation column missing in database list
when DisableIS is true
- fix bug Undefined index central_columnswork
- fix bug Undefined index favorite_tables

Sat Jan 17 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.7 (2015-01-15)
- sf#4694 js error on marking table as favorite in Safari (in private mode)
- sf#4695 Changing $cfg[\'DefaultTabTable\'] doesn\'t update link and title
- fix bug Undefined index menuswork
- fix bug Undefined index navwork
- fix bug Undefined index central_columnswork
- sf#4697 Server Status refresh not behaving as expected
- fix bug Null argument in array_multisort()
- sf#4699 Navigation panel should not hide icons based on \'TableNavigationLinksMode\'
- sf#4703 Unsaved schema page exported as pdf.pdf
- sf#4707 Call to undefined method PMA_Schema_PDF::dieSchema()
- sf#4702 URL is non RFC-2396 compatible in get_scripts.js.php

Thu Jan 8 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.6 (2015-01-07)
- fix bug Undefined index notices while configuring recent and
favorite tables
- sf#4687 Designer breaks without configuration storage
- sf#4686 Select elements flicker and selects something else
- sf#4689 Setup tool creates \"pma__favorites\" incorrectly
- sf#4685 Call to a member function isUserType() on a non-object
- sf#4691 Do not include console when no server is selected
- sf#4688 File permissions in archive
- sf#4692 Dynamic javascripts gives 500 when db selected

Mon Jan 5 13:00:00 2015 chrisAATTcomputersalat.de
- fix for boo#911360

* problems with pma__config enabled by default in phpMyAdmin
- rework config patch

* fix for pma storage config (disabled by default)
- add phpMyAdmin-pma.patch

* fix create_tables.sql
- fix restart_on_update

Mon Jan 5 13:00:00 2015 ecsosAATTopensuse.org
- update to 4.3.5 (2015-01-05)
- fix bug Auto-configuration: tables were not created
automatically
- sf#4677 Advanced feature checker does not check for
favorite tables feature
- sf#4678 Some of the data stored in configuration storage
are not deleted upon db or table delete
- sf#4679 Setup does not allow providing a name for
favorites table
- sf#4680 Number of favorite table are not configurable in setup
- sf#4681 \'Central columns table\' field in setup does not have
a description
- sf#4318 Default connection collation and sorting
- sf#4683 Relational data is not properly updated on table rename
- sf#4655 Undefined index: collation_connection (second patch)
- sf#4682 4.3.3 & 4.3.4 Import sql created by mysqldump fails on
foreign keys
- sf#4676 Auto-configuration issues
- sf#4416 New lines are removed when grid editing (part two: TEXT)

Mon Dec 29 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.3.4 (2014-12-29)
- sf#4653 Always connection error was shown, on /setup
at tab \"configuration storage\"
- sf#4661 Drag and drop file import always fails
- sf#4651 don\'t open console with esc
- sf#4664 select min() displays 1 row, but reports the table
amount of rows returned
- sf#4666 Undefined indexes in table stucture print view
of a view
- sf#4663 Export missing back ticks for order table name
- sf#4668 Remove from central columns error
- sf#4670 CSV import reads both commas and values into
first column after first row
- sf#4642 phpmyadmin often fails to load due to specific
load order
- sf#4671 Unable to move all columns
- sf#4645 Import of export created with mysqldump
- sf#4672 \"Distinct values\" does not page
- sf#4667 Consistency in borders
- sf#4658 Illegal string offset (Data_length, Index_length)
- sf#4655 Undefined index: collation_connection
- sf#4673 Delimiter causing page lock

Sun Dec 21 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.3.3 (2014-12-21)
- fix bug The \"Recently used tables\" setting should be with
Nav panel
- sf#4647 Can\'t disable Favorites
- sf#4646 Version Check Broken
- sf#4630 AJAX request infinite loop
- sf#4649 Attributes field size smaller than others
- sf#4622 Cannot remove table ordering on a Mac
- fix bug Fix initial replication configuration
- fix bug Undefined index central_columnswork
- sf#4657 Don\'t have default blowfish_secret
- sf#4656 Some error popups fade away too quickly
- sf#4648 Consistency in borders
- fix bug $cfg[\'Error_Handler\'][\'display\'] no longer necessary
- sf#4659 Leading and trailing whitespace in column name

Fri Dec 12 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.3.2 (2014-12-12)
- sf#4628 PHP error while exporting schema as PDF
- sf#4631 Server selector submits two server parameter values
- sf#4629 Problem with custom SQL queries using cookie
authentication
- fix bug Undefined index central_columnswork
- sf#4632 Notice in ./libraries/Util.class.php#1916
Undefined index: query
- sf#4633 Wrong parameter in fetchValue
- sf#4634 Error reporting creates an infinite loop
- sf#4635 Token mismatch while creating configuration storage
- sf#4640 Incorrect reference to PHP 6
- sf#3794 failure to handle repeating empty columns when
importing ODS
- sf#4638 Default Export Method setting broken
- sf#4639 Export SQL missing indentation first field
- sf#4637 Field Alignment
- sf#4644 Error when browsing tables

Mon Dec 8 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.3.1 (2014-12-08)
- sf#4609 \'Show all\' checkbox label is not clickable
- sf#4610 JS error reporting: Hash fragment is reset
- fix bug Undefined index menuswork
- sf#4614 Separator between \"Show All\" and \"Number of rows\"
disappears
- sf#4615 SQL highlighting in process list breaks on auto refresh
- sf#4616 Warning in db structure print view page
- fix bug Undefined index navwork, savedsearcheswork, fields
- sf#4620 Undefined index while adding to the central
columns list
- sf#4618 Page scrolls while GIS visualization is zoomed in/out
with mousewheel
- sf#4613 HHVM: method \'ob_gzhandler\' not found
- sf#4593 Manual \"SELECT\" doesn\'t change active table
- sf#4623 Incomplete PHP OpenSSL support
- sf#4626 Ctrl + click on a column not in sort triggers a server
call to erroneous url
- sf#4625 \"Insufficient space to save the file\" on export SQL to
file on server
- sf#4627 \"file_get_contents(examples/create_tables.sql): failed
to open stream\" after update
- sf#4617 UI issues with sortable tables
- sf#4619 SELECT LENGTH(`field`) FROM `table` does not sort

Sat Dec 6 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.3.0 (2014-12-05)
+ rfe #1502 Smart sorting for int keys
+ rfe #1521 Confirmation message when dropping user(s)
+ rfe #1518 Confirm dialog on accidentally leaving a page
+ rfe #1445 Easy access to \"SHOW CREATE ...\"
+ rfe #1448 Allow clicking an approximate row count to get
a correct one
+ rfe #1487 \"Browse foreign values\" should be a modal dialog
+ rfe #1523 Better visual clue for table structure
primary key column
+ rfe #982 Support for editing binary fields in hexadecimal
- sf#4416 New lines are removed when grid editing
+ rfe #706 Multi-db privileges adding
+ rfe #1527 Charts for data in format
+ rfe Allow saving query charts as images
+ rfe #1145 Preview SQL instead of executing it
+ rfe #759 Use aliases in SQL export for tables and columns
- sf#4450 Query is duplicated on Ctrl+Enter
+ rfe #755 Export with table/column name changes
+ rfe #869 Run SQL query: Allow rollback for InnoDB tables
+ rfe #654 Range Search Capability
+ rfe #1490 Dynamic process list
+ rfe #1522 Drag and Drop SQL import
+ rfe #637 Custom Field Handlers
+ rfe #1488 User privilege tab not shown in all relevant cases
+ rfe #781 Privileges for non superuser
+ rfe #908 Improvements for the table editor (index creation)
+ rfe #1426 Navigation state lost on reload
- sf#4439 Table list in left panel doesn\'t expand
+ rfe Improved validation when inserting data
+ rfe #1491 Support InnoDB for database Query by example
+ rfe #345 Normalize a table
+ rfe #1123 Zeroconf PMA tables support
+ rfe #1492 Remove the distinct query window / Add SQL
log+history panel
+ rfe #919 Multiple-column foreign key relation
- sf#3165 Redundant foreign keys not supported
- fix bug Incorrect link to documentation
+ rfe #857 Regexp replace
- fix bug Incorrect path in change password when on reverse proxy
or
non-root directory
+ MariaDB 10+ multi-master replication support
+ rfe #1544 MySQL 5.7.5 compatibility
+ rfe #1529 Avoid session timeout when user is active
- sf#4528 Can\'t import dump via SQL field
+ rfe #1251 Show \"Overhead\" with same precision for all tables
+ rfe #1546 Improve the js printf library
+ rfe #1542 Better error reporting in Designer
- sf#4547 Micro history does not work in Users page
- sf#4551 Wrong test in source code
- sf#4537 BLOB inline-view JPG column transformation does
not work for anything except simple queries
+ rfe #1535 Keyword-based autocompletion in SQL query editors
- sf#4558 Unable to Add Rows while Creating Table
+ rfe #1547 Wrap No Tables Found message with message box
- sf#4559 Logging in causes 100% CPU usage
- sf#4564 Designer: spaces in table name with edit table link
generates bad links
- sf#4582 Debug SQL works only for the first page
- sf#3869 Count(
*) on information_scheme.INNODB_BUFFER_PAGE
with a huge bufferpool
- sf#4495 Comment lines in multiquery
- sf#4535 Loads of Warnings/Notices in PMA_getServerSlaveStatus
on replication slave
- sf#4585 Multi query results not shown
+ rfe #1556 Disabling Show all
- sf#4513 phpmyadmin run very slow (information_schema)
- sf#4243 Super slow page rendering with tens of thousands of DBs
- sf#4391 Upgraded to 4.2.0, insanely slow now
+ rfe #1537 PHP OpenSSL support for cookie encryption/decryption
- sf#4227 Token mismatch when using HTTP AUTH and the SESSION
expires
- change all my old mail address in this changelog
from ecsosAATTold.domain to ecsosAATTopensuse.org

Wed Dec 3 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.13.1 (2014-12-03)
This update fixes several vulnerabilities
- Security fixes:

* PMASA-2014-18 (CVE-2014-9219, CWE-661 CWE-79) [boo#908364]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php
- sf#4612 [security] XSS vulnerability in redirection mechanism

* PMASA-2014-17 (CVE-2014-9218, CWE-661 CWE-400) [boo#908363]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php
- sf#4611 [security] DOS attack with long passwords

Sun Nov 30 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.13 (2014-11-30)
- sf#4604 Query history not being deleted
- sf#4057 db/table query string parameters no longer work
- sf#4605 Unseen messages in tracking
- sf#4606 Tracking report export as SQL dump does not work
- sf#4607 Syntax error during db_copy operation
- sf#4608 SELECT permission issues with relations and restricted
access

Thu Nov 20 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.12 (2014-11-20)
This update fixes several vulnerabilities, as well as a number of
other bug fixes.
- Security fixes:

* PMASA-2014-16 (CVE-2014-8961, CWE-661 CWE-23) [boo#906488]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php
- sf#4595 [security] Path traversal can lead to leakage of
line count

* PMASA-2014-15 (CVE-2014-8960, CWE-661 CWE-79) [boo#906487]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php
- sf#4596 [security] XSS through exception stack

* PMASA-2014-14 (CVE-2014-8959, CWE-661 CWE-98) [boo#906486]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php
- sf#4594 [security] Path traversal in file inclusion of
GIS factory

* PMASA-2014-13 (CVE-2014-8958, CWE-661 CWE-79) [boo#906485]
http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
- sf#4578 [security] XSS vulnerability in table print view
- sf#4579 [security] XSS vulnerability in zoom search page
- sf#4598 [security] XSS in multi submit
- sf#4597 [security] XSS through pma_fontsize cookie
- Other bug fixes:
- sf#4574 Blank/white page when JavaScript disabled
- sf#4577 Multi row actions cause full page reloads
- fix ReferenceError: targeturl is not defined
- fix Incorrect text/icon display in Tracking report
- sf#4404 Recordset return from procedure display nothing
- sf#4584 Edit dialog for routines is too long for
smaller displays
- sf#4586 Javascript error after moving a column
- sf#4576 Issue with long comments on table columns
- sf#4599 Input field unnecessarily selected on focus
- sf#4602 Exporting selected rows exports all rows of the query
- sf#4444 No insert statement produced in SQL export for
queries with alias
- sf#4603 Field disabled when internal relations used

Fri Oct 31 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.11 (2014-10-31)
- fix ReferenceError: Table_onover is not defined
- sf#4552 Incorrect routines display for database due to case
insensitive checks
- sf#4259 reCaptcha sound session expired problem
- sf#4557 PHP fatal error, undefined function __()
- sf#4568 Date displayed incorrectly when charting a timeline
- sf#4571 Database Privileges link does not work
- fix makegrid.js: where_clause is undefined
- sf#4572 missing trailing slash (import and open_basedir)

Tue Oct 21 14:00:00 2014 andreas.stiegerAATTgmx.de
- phpMyAdmin 4.2.10.1 [boo#902154] [CVE-2014-8326]
This release fixes cross-site scripting vulnerabilities in the
SQL debug output and server monitor pages. This developer option
is not enabled by default.
- sf#4562 [security] XSS in debug SQL output
- sf#4563 [security] XSS in monitor query analyzer

Sat Oct 11 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.10 (2014-10-11)
- sf#4361 Can\'t change font size
(when config.inc.php not present)
- sf#4542 Tab key in column name not shown
- fix bug PDF export: title not present in PDF
- sf#4543 Changing column name can break saved \"order by\" clause
- sf#4545 trying to favorite table while browser localStorage
is disabled throws JS error
- sf#4259 reCaptcha sound session expired problem
- sf#4548 Inline editing a field converts tab to spaces
- sf#4252 Database-level permission bug for db names containing
underscores
- sf#3120 Events are not exported when using xml
- sf#4554 Grid-editing timestamp column forces datepicker
- sf#4556 Fast filters for tables, views etc. should be governed
by NavigationTreeDisplayItemFilterMinimum

Wed Oct 1 14:00:00 2014 andreas.stiegerAATTgmx.de
- phpMyAdmin 4.2.9.1 [bnc#899452] [CVE-2014-7217]
Contains a fix for a cross-site scripting vulnerability in the
table search and table structure pages which could be trigged
with a crafted ENUM value
- sf#4544 [security] XSS vulnerabilities in table search and
table structure pages

Sat Sep 20 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.9 (2014-09-20)
- fix bug ajax.js responseHandler: cannot read property of null
- fix bug sql.js: str is undefined
- sf#4524 Allow for direct selection of \"0\"
on the \"user overview\" page
- sf#4529 Undefined index: pos
- sf#4523 tbl_change.js: insert as new row submit type on
multiple selected records does not set all AUTO_INCREMENTs
to 0 value
- fix bug ajax.js responseHandler: another \"cannot read property\"
- fix bug tbl_structure.js \"cannot read property\"

Sun Sep 14 14:00:00 2014 chrisAATTcomputersalat.de
- fix for bnc#896635

* update to 4.2.8.1 (2014-09-13)

* PMASA-2014-10 (CVE-2014-6300, CWE-661 CWE-352)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php
- sf#4530 [security] DOM based XSS that results to a CSRF
that creates a ROOT account in certain conditions

Fri Sep 5 14:00:00 2014 chrisAATTcomputersalat.de
- rollback changes introduced by fix for bnc#894107 cause they
broke apache pkg.

Sun Aug 31 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.8 (2014-08-31)
- sf#4516 Odd export behavior
- sf#4519 Uncaught TypeError: Cannot read property \'success\'
of null
- sf#4520 sql.js: cannot read property
- sf#4521 Initially allowed chart types do not match selected
data
- sf#4518 Export to SQL: CREATE TABLE option AUTO_INCREMENT
ignored
- sf#4522 Duplicate column names while assigning index
- sf#4487 Export of partitioned table does not import
- fix bug server_privileges.js: cannot read property
- sf#4527 Importing ODS files with column names having trailing
spaces fails
- sf#4413 Navigation Error in Nav Tree for Search Results Past
the First Page
- fix bug functions.js: Cannot read property \'replace\' of undefined

Fri Aug 29 14:00:00 2014 chrisAATTcomputersalat.de
- fix for bnc#894107

* fix post/postun for systemd

Tue Aug 19 14:00:00 2014 chrisAATTcomputersalat.de
- fix changes file

* add missing PMASA / CVE info

Mon Aug 18 14:00:00 2014 andreas.stiegerAATTgmx.de
- fix for bnc#892401

* update to 4.2.7.1

* PMASA-2014-8 (CVE-2014-5273, CWE-661 CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php
- sf#4501 [security] XSS in table browse page
- sf#4502 [security] Self-XSS in enum value editor
- sf#4503 [security] Self-XSSes in monitor
- sf#4504 [security] Self-XSS in query charts
- sf#4517 [security] XSS in relation view

* PMASA-2014-9 (CVE-2014-5274, CWE-661 CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php
- sf#4505 [security] XSS in view operations page

Thu Jul 31 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.7 (2014-07-31)
- sf Broken links on home page
- sf#4494 Overlap in navigation panel
- sf#4427 Action icons not in horizontal order
- sf#4493 s_attention.png is missing
- sf#4499 Uncaught TypeError: Cannot call method \'substr\' of undefined
- sf#4498 PMA 4.2.x and HHVM
- sf#4500 mysql_doc_template is not defined

Fri Jul 18 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.6 (2014-07-17)
- sf#4471 Undefined index warning with referenced column.
- sf#4027 $cfg[\'MaxExactCount\'] is ignored when BROWSING is
back
- sf#4482 Multi Column sorting (improved user experience)
- sf#4478 Server validation does not work while in setup/mysqli
- sf Undefined variable when grid editing a foreign key column
- sf#4481 mult_submits.inc.php Undefined variable Error
- sf#4485 Sorting breaks the copy column feature
- sf#4440 Javascript error when renaming table
- sf#4483 \'New window\' link (selflink) disappears, causing
Javascript error
- sf#4489 Incorrect detection of privileges for routine
creation
- sf#4459 First few characters of database name aren\'t
clickable when expanded
- fix for PMASA-2014-4 (CVE-2014-4954, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php

* sf#4486 [security] XSS injection due to unescaped table
comment
- fix for PMASA-2014-5 (CVE-2014-4955, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php

* sf#4488 [security] XSS injection due to unescaped table name
(triggers)
- fix for PMASA-2014-6 (CVE-2014-4986, CWE-661, CWE-79)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php

* sf#4492 [security] XSS in AJAX confirmation messages
- fix for PMASA-2014-7 (CVE-2014-4987, CWE-661)
http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php

* sf#4491 [security] Missing validation for accessing User
groups feature

Thu Jun 26 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.5 (2014-06-26)
- sf#4467 shell_exec() has been disabled for security reasons
- sf#4470 Error while submitting empty query
- sf#4463 Fatal error: Class \'PMA_DatabaseInterface\' not found
- sf#4469 Fixed cookie based login for installations without mcrypt
- sf#4473 incorrect result count when having clause is used
- mcrypt: remove the requirement (64-bit) and the related warning

Sat Jun 21 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.4 (2014-06-20)
- sf#4449 Mediawiki export does not produce table header row;
also fix related PHP warnings
- sf#4442 New lines are added to query every time
- sf#4445 Fatal error on SQL Export of join query
- sf#4448 Dump binary columns in hexadecimal notation not working
- Regenerate cookie encryption IV for every session
- sf#4405 Cannot import (open_basedir): fix another case
- sf#4457 SQL tab - Insert queries not showing affected row count
- bug Missing warning about existing account, on multi-server config
- sf#4435 WHERE clause can be undefined
- bug SQL export views as tables option getting ignored

* fix for PMASA-2014-3 ( CVE-2014-4349, CWE-661, CWE-79 )
http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php
- sf#4464 [security] XSS injection due to unescaped db/table name
in navigation hiding

* fix for PMASA-2014-2 ( CVE-2014-4348, CWE-661, CWE-79 )
http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php
- sf#4465 [security] XSS injection due to unescaped db/table name
in recent/favorite tables

Mon Jun 9 14:00:00 2014 andreas.stiegerAATTgmx.de
- update to 4.2.3:
- sf#4423 Moving fields not working
- sf#4424 Table indexes disappear after altering field
- sf#4432 Error while displaying chart at server level
- sf#4405 Cannot import (open_basedir)
- sf#4396 Problem copying constraints (such as Sakila)
- sf#4433 Missing privileges submenu
- sf#4394 Drop db confirmation message when dropping a user
- sf#4436 Insert form numeric field with function drop-down list
- sf#4437 Problems due to missing enforcement of the minimum
supported MySQL version
- Add enforcement of the minimum supported PHP version (5.3.0)
- bug: Query error on submitting a column change form containing
a disabled input field
- bug: Incorrect menu tab generation from usergroups
- bug: Missing space in index creation/edit generated query
- sf#4434 Unchecking \'Show SQL queries\' results NaN

Tue May 20 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.2 (2014-05-20)
- sf#4388 Disable database expansion when enabled throws Error 500
when database name is clicked in navigation tree
- sf#4414 table display of performance_schema DB structure
- sf#4411 Protect Binary Columns: many problems
- sf#4395 BLOB link transformation is broken
- sf Respect [\'ShowCreateDb\'] in the navi panel
- sf#4392 Cannot see databases in nav panel on databases grouping
when disabled database expansion
- sf#4419 No more calendar into search tab
- sf#4398 Monitor should fit into screen width
- sf#4418 When copying databases, primary key attributes get lost
- sf#4421 empty maxInputVars on js/messages.php

Tue May 13 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.1 (2014-05-13)
- sf#4380 Cannot display table structure with enums
containing special characters
- sf#4381 Cannot remove the last remembered sorted column
- sf Correctly fetch length of user and host fields in MySQL tables
- sf#4364 examples/signon.php does not support
the SessionSavePath directive
- sf#4382 Missing source for OpenLayers library
- sf Incorrect attributes for number fields
- sf#4383 Cannot update values in Zoom search
- sf#4313 GIS Visualization Extension does not work
with PointFromText() function
- sf#4384 Incorrect \"Rows\" total shown when truncating
or dropping a table on DB Structure page
- sf#4385 Grid edit on sorted columns fails
- sf#4389 Null checkbox covering data input when editing
- sf#4390 Data type changing by itself
(no size but attribute present)

Thu May 8 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.2.0 (2014-05-08)
+ rfe #1403 Export only triggers
+ rfe #1483 Export Server/Database/Table without triggers
+ rfe #1662 Add table comment tool tip in database structure page
+ rfe #1447 Single table for display Character Sets and Collations
+ rfe #1455 Display icons/text/both for the table row actions
+ rfe #1473 Transformation to convert Boolean value to text
- sf#4157 Changing users password will delete it
+ rfe #1474 Text transformation combines Append and Prepend
+ Added warning about the mysql extension being deprecated
and removed the extension directive
+ Added support for scatter charts
+ rfe #1478 Make Column Headings Sticky
+ rfe #1480 Enhance privileges initials table
+ rfe #1472 [interface] Break \"Edit privileges\" with sub-menus
+ rfe #1466 Minor refactoring required
+ rfe #1004 Create indexes at the end in SQL export
+ rfe #1479 Relations edit form for larger monitors
+ rfe #1475 Inline query box vertical resize
+ rfe #1500 [interface] Add bottom border to top menu container
+ rfe #1498 Add datepicker for \'TIME\' type
- sf#4237 HTTP Referer disclosure in SQL links
+ rfe Show full names on navigation hover
+ rfe #1505 Behaviour on click on a routine in nav panel
+ rfe #1418 Support more than one separating character on CSV import
+ rfe #569 Load/Save Query By Example
- sf#4281 Grid edit ENUM field, dialog disappears when trying to select
- sf#4304 DB export using zip compression generates an empty archive
+ rfe #1508 confirmation message at the top
- sf#4306 breadcrubs wrong on table create
+ rfe #1511 better validate database name for copying
+ rfe #1510 Database tab \"Drop\" button should be a link
+ rfe #1513 Highlight required form fields after failed submission
+ rfe #1460 Redirect to login page after session has expired
- sf#4316 Grid edit: can\'t change month on date fields
+ rfe #1501 add maxlength by field with length-spec
+ rfe #1512 Import happily doesn\'t do anything with no file name provided
+ rfe #1514 Add function to all the insert boxes automatically
+ rfe #1515 Option to skip tables larger than n
+ rfe #1486 Possibility of disabling database expansion
+ rfe #1476 Favourite tables select box
+ rfe #420 $cfg[\'CharEditing\']=\'textarea\' for structure edit
+ rfe #1329 Avoid editing of fields which are part of relation
+ rfe [interface] Highlight active left menu item in setup
+ rfe Filter on-screen rows during Browse
Removed support for SQL Validator (SOAP service no longer offered)
- sf#4352 Settings > Manage: incorrect messages
- sf#4337 \"More\" in Actions area doesn\'t collapse to fit available space
- sf#4375 Group two DB, one\'s name is the prefix of the other one
- sf#4070 Confusing database/table grouping
- sf#4366 Creating Index doesn\'t update index-list

Sat Apr 26 14:00:00 2014 andreas.stiegerAATTgmx.de
- phpMyAdmin 4.1.14

* sf#4365 Creating bookmark with multiple queries not working

* sf#4372 Changing browser transformation results in unnecessary
table rebuild

* sf#4375 Group two DB, one\'s name is the prefix of the other one

* sf#4376 [interface] Login fields show in separate line

Sun Apr 13 14:00:00 2014 ecsosAATTopensuse.org
- update to 4.1.13 (2014-04-13)

* sf#4279 CTRL + up or down moves 2 fields

* sf#4336 List server css style wrong

* sf Missing value on the Status > Server page

* sf#4347 Fixed PHP Parse error in Advisor

* sf#4350 Deleting the DB if it is renamed by the same name

* sf#4353 makeProfilingChart is not defined

* sf#4355 Precision specifier for DOUBLE type is truncated

* sf#4346 Incorrect \"Export incomplete\" message

* sf#4359 Notices on create table page

* sf#4356 GROUPed selects show number of rows as if not grouped

* sf#4357 JS Form submitted on \"enter\" even if focus
is inside a select field

Thu Mar 27 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.1.12 (2014-03-27)

* sf#4334 Add event : datepicker won\'t open

* sf#4338 Fix missing value error while executing SQL query

* TCPDF library is now optional dependency

* sf#4326 Cannot find the import plugins which start with uppercase \'I\'

Sat Mar 22 13:00:00 2014 andreas.stiegerAATTgmx.de
- phpMyAdmin 4.1.11:

* sf#4335 reCaptcha problem (4.1.10 regression)

Sat Mar 22 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.1.10 (2014-03-22)

* sf#4301 Grid edit: \"SELECT\" query is replaced by \"UPDATE\"
query after edit

* sf#4278 reCaptcha re-login requires double effort

* sf#4324 Datepicker not showing up on insert page

* sf#3991 Problem selecting item in select boxes
with the ENTER keystroke in some browsers

* sf#4323 QueryWindow ignores CodeMirror

* sf None of the live charts shown on \"Status -> Monitor\" (Chrome)

Sat Mar 8 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.1.9 (2014-03-06)

* sf#4279 CTRL + up or down moves two fields (part one)

* sf#4294 output as text radio clickable for \"OpenDocument Text\" export

* sf#4297 DROP DATABASE tick box in export no longer works

* sf#4291 Unable to export comments in OpenDocument text format

* sf#4299 Deletion even when the user says \"No\" to the confirmation message

* sf#4303 \"New\" link in navi panel is shown even if no privileges

* sf#4302 Some params are being omitted from microhistory

* sf#4298 Missing validation on Import CSV: \"Columns enclosed with\"
and \"Columns escaped with\"

* sf#4040 Fatal error while resetting settings

* sf#4305 JS error when editing procedure from nav panel

* sf#4308 Edit routine form submitting when pressing enter

* sf#4307 Nav: \"Columns\" won\'t expand with specific schema

Wed Feb 26 13:00:00 2014 chrisAATTcomputersalat.de
- fix changes file

Sat Feb 22 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.1.8 (2014-02-22)

* sf#4276 Login loop on session expiry

* sf#4249 Incorrect number of result rows for SQL with subqueries

* sf#4275 Broken Link to php extension manual

* sf#4053 List of procedures is not displayed after executing with Enter

* sf#4081 Setup page content shifted to the right edge of its tabs

* sf#4284 Reordering a column erases comments for other columns

* sf#4286 Open \"Browse\" in a new tab

* sf#4287 Printview - Always one column too much

* sf#4288 Expand database (+ icon) after timeout doesn\'t do anything

* sf#4285 Fixed CSS for setup

* Fixed altering table to DOUBLE/FLOAT field

* sf#4292 Success message and failure message being shown together

* sf#4293 opening new tab (using selflink) for import.php based actions
results in error and logout

Sun Feb 9 13:00:00 2014 ecsosAATTopensuse.org
- fix for bnc#864917

* PMASA-2014-1 ( CVE-2014-1879, CWE-661 CWE-79)

* update to >= 4.1.7
- update to 4.1.7 (2014-02-09)

* sf#4245 initial Browse query does not match sorting order

* sf#4250 Notice on export page

* sf#4253 \"New\" text in navigation frame acts like a database

* sf#4262 Cannot define a column with fractional seconds

* sf#4265 Missing datepicker icon for DATETIME(length)

* sf#4257 Hide fractional seconds when applicable

* sf#4264 Uncheck \"Ignore\" while inserting, upon leaving a textarea

* sf#4260 reCaptcha is ignoring language settings

* sf#4259 reCaptcha sound session expired problem

* sf#4263 Japanese character encoding not working properly when exporting

* sf#4269 Notice on table relation page

* sf#4270 Bad text-color for table comments

* sf#4278 reCaptcha re-login requires double effort

* sf#4272 Incorrect tabindex

* sf#4271 Query by example and the second criteria line

* sf#4242 Wildcard-containing only_db failure in sidebar

Sun Jan 26 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.1.6 (2014-01-26)

* sf#4232 User not found after creating the user

* sf#4241 Confusing dialog when trying to create an already existing user

* sf#4239 Missing LIMIT clause for some queries

* rfe #1489 Do not show create icon when user has no privileges

* sf#4218 Chrome behavior with date fields

* sf#3579 NOW() function incorrectly selected (regression)

* sf#4244 Advisor complaints about MariaDB 10.x is version less than 5.1

* sf#3889 When login fails and error display is active, login data is displayed (regression)

* sf#4247 open_basedir warnings on export page

* sf#4013 AJAX request waiting until version info is retrieved

* sf#4248 js error when changing number of columns in status monitor

Fri Jan 17 13:00:00 2014 andreas.stiegerAATTgmx.de
- phpMyAdmin 4.1.5

* sf#3780 Allow aborting loading pages

* sf#4223 Database list: Create database misses collation column

* sf#4224 Empty table names when a table is \"inuse\"

* sf#4225 Partition maintenance broken

* sf#4219 Table list (left panel) does not reload when table renamed

* sf#4230 \"in use\" displayed for all views in database print view

* sf#4226 Notice: Undefined index: pma_config_loading

* sf#4221 Bzip2 export cannot be directly imported (so withdraw bz2 export)

* sf#4204 Reloading user privileges hides user groups submenu

* sf#4231 DATE columns quick edit decrement by one day

Wed Jan 8 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.1.4 (2014-01-07)

* sf#3840 (additional fix) When exporting to gzip format, the data is compressed 2 times

* sf#4209 Missing compression in one case

* sf#4208 Can\'t browse tables after sorting on columns with fieldnames that have a \'-\'

* sf#4184 Switch to wrong page after adding an index

* sf#3885 Additional fix for this bug

* sf#4212 Table \"disappears\" if it has the same name as its tablegroup

* sf#4213 Datetime Quick Edit decrements by one day

* sf#4217 Current value not highlighted when browsing foreign values

* sf#4220 Incorrect key values in foreign key browser

* sf#4215 MariaDB 5.5: error in Drizzle detection

Wed Jan 1 13:00:00 2014 andreas.stiegerAATTgmx.de
- add source URL, see https://en.opensuse.org/SourceUrls

Wed Jan 1 13:00:00 2014 ecsosAATTopensuse.org
- update to 4.1.3 (2013-12-31)

* sf#3938 PDFDefaultPageSize doc and easy configurability

* sf#4198 Hovering over pie chart gives fatal JS error

* sf#4200 Missing syntax highlighting

* sf#4201 Exports are not compressed

* sf#4131 Import: \"number of rows to skip\" is ambiguous

* sf#4205 Add a user shows additional \"edit user group\" link

* sf#4202 Cannot read property \'token\' of undefined

* sf#4203 On refreshing designer, $.FullScreen is undefined

* sf#3920 Lost space in navigation area
- Fix python-bytecode-inconsistent-mtime

Mon Dec 23 13:00:00 2013 ecsosAATTopensuse.org
- update to 4.1.2 (2013-12-23)

* sf#4178 Quick edit for BIT type does not work

* sf#2760 Warn about incomplete exports

* sf#4190 Fractional seconds cause row update even if the value is not changed

* sf#4170 Overflow scroll for table grid is not a good solution

* sf#2961 Relations settings not updated on config change

* sf#4187 SQL query inline edit doesn\'t post changes on the first run

* rfe #1465 Docs for connections to IPv6 only MySQL instances

* rfe #1468 [interface] No floating for server breadcrumb menu

Tue Dec 17 13:00:00 2013 ecsosAATTopensuse.org
- update to 4.1.1 (2013-12-17)

* sf#4154 Error using UNION query

* sf#4173 Transformations overview not reachable

* sf#4149 Js freezes in the management of replication

* sf#3903 Query fails when using aliases after ordering result

* sf#4181 Adding columns in table creation clears existing columns

* sf#4023 Requires wildcard EXECUTE/ALTER ROUTINE on DB to allow
Procedures to be executed by user

* sf#4186 Adding a column when creating a table does not propagate index info

* sf#4185 Unable to execute create procedure statement from query window

Sun Dec 15 13:00:00 2013 ecsosAATTopensuse.org
- update to 4.1.0 (2013-12-11)

* rfe #499 On user creation, warn if the user already exists

* Use indeterminate check all checkbox in server privileges

* Break server_status.php functions into smaller functions

* PMA_DBI functions in database_interface.lib.php renamed to be compliant with PEAR standards

* [interface] Make warning about existing config directory clearer

* rfe #1414 Allow specifying controlport

* PMA_DBI functions in database interface libraries renamed to be compliant with PEAR standards

* rfe #1412 Creating a view from an empty set of results

* Improved layout on db and table operations pages

* rfe #1410 Added support for AES_ENCRYPT for blob fields

* rfe #1423 Clarify option text for icon/text settings

* [interface] Upgraded CodeMirror to 3.x series

* rfe #1363 Improved query profiler

* [interface] rfe #1429 Better suggestion for database name

* rfe #1433 Support relations with ndbcluster

* sf#3962 Proper escaping of JSON export

* rfe #1382 Optional ReCAPTCHA support

* rfe #1434 Improvements to the table browsing navigation bar

* rfe #1233 and rfe #1283 Improvements to Relation View interface

* rfe #1397 Use fractional seconds in time, datetime, and timestamp

* rfe #175 Allow cross-database relations

* [core] Dropped support for PHP 5.2.

* rfe #487 and rfe #1405 Find and Replacing column wise

* rfe #1373 Use same create view dialog for editing a view

* rfe #316 Configurable menus; allow user groups with customized menus per group

* sf#4024 Editing field a record is selected by makes pma load forever

* sf#4035 Query \"inline\" link disappears when turning off \"Explain SQL\" option

* rfe #1385 Hide tables, functions, procedures, events and views in navigation tree

* rfe #1321 Export view as if it was a table

* Dropped configuration directive: SQP

* Dropped configuration directive: MySQLManual
*

* rfe #1041 and bug #2954 Improved support for SSL connections between MySQL and phpMyAdmin

* sf#4056 Language: Vague error message when adding a varchar field

* [setup] rfe #1452 Use type=\"password\" for server passwords

* rfe #1451 HTML5 input tag enhancements

* sf#1193 Text field too small when editing a row longer than $cfg[\'LimitChars\']

* Privileges tab for table level

* sf#4068 Headline in operations not readable in IE10

* sf#4000 \"Table does not contain unique column\" message appears after adding a unique column

* rfe #1428 add \'new database\' entry to nav tree

* rfe #1457 Stone Age icon found

* rfe #1463 Filter tables and databases by regular expression

* Change the proxy variable names in the config to remove the VersionCheck prefix from them

* Added an Error Reporting Component

* Javascript files are no longer uglified

* sf#4145 Config screen fails to validate MemoryLimit = -1 (new default)

* sf#4123 Double config including

* sf#4134 After deleting all rows on a page, it returns to a blank page

* Dropped configuration directive: DisableIS, ShowDatabasesCommand

* sf#4152 Not possible to enter % for search in date fields

* sf#3931 IN Clause search does not permit multiple values

* sf#4086 Clicking OK from edit popup opens new tab

* sf#2983 unknown table status: TABLE_TYPE

* sf#4030 ORDER BY SUM(`field`) does not sort DESC

* sf#4133 CSV import breaks when no blank line at end of file

* sf#4153 Unable to import if newline encoding is MAC style

* sf#4096 horizontal scrollbar should not overflow on the left column

* sf#4159 bug with navigation between database and table filter

* sf#4119 Huge session data with $cfg[\'Error_Handler\'][\'gather\']

* sf#4169 Table list jumps to table on click

* sf#4168 Rename multiple columns is not working

Fri Dec 6 13:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.10 (2013-12-04)

* sf#4150 Clicking database name in query window opens a new tab

* sf#4141 Wrong page is shown after editing; also, do not show a modal
dialog for multi-row edit

* sf#3939 PHP NavigationTree error when paging through list

* sf#4075 Support A10 Networks load balancer

* sf#4083 row deleting isn\'t binlogs friendly

* sf#4163 Setup script does not recognize manually-configured server

* sf#4158 Events page says no privileges with ALL PRIVILEGES

Sun Nov 10 13:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.9 (2013-11-04)

* sf#4104 Can\'t edit updatable view when searching

* sf#4108 Missing refresh by deleting databases

* sf#3995 Drizzle server charset notice

* sf#3911 Filtering database names includes empty groupings

* sf#3678 Does not display or manipulate bit(64) fields appropriately

* sf#4129 Unneeded navi panel refresh

* sf#4120 SSL redirects to port 80

* sf#4144 DROP DATABASE displays wrong database name

* sf#4059 Running delete query asks for confirmation but says it was already executed

* sf#4147 Accessibility: Images without Alt nor title attribute

Mon Oct 7 14:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.8 (2013-10-06)

* sf#3988 Rename view is not working

* sf#4041 Interaction between linkified fields and grid editing

* sf#3975 Table grouping isn\'t implemented properly

* sf#4060 Browser tries to remember wrong password when creating new user

* sf#4002 Edit Index on big table doesn\'t show \"Loading\" or any message

* sf#4098 Default table tab is ignored

* sf#4099 Server/library difference warning: setting is ignored

* sf#4100 table tree group strategy

* sf#4102 ALTER TABLE ORDER BY and InnoDB

* sf#4103 Tracking report: cannot delete a statement

* sf#3996 Drizzle navigation doesn\'t expand

* sf#4074 GIS column editor: point not displayed

* sf#4109 Drizzle tables in navigation are shown as views

* sf#4095 NUL symbols added to the end of database dump file

* sf#4105 More disappears in table Structure

* sf#3992 Multi-row edit doesn\'t clear values when checking NULL

Sun Sep 29 14:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.7 (2013-09-23)

* sf#3993 Sorting in database overview with statistics doesn\'t work

* bug Handle the situation where PHP_SELF is not set

* sf#4080 Overwrite existing file not obeyed

* sf#3929 Database-specific privileges are not copied when cloning user

* sf#3997 Error handling in case MySQL extension is missing

* sf#4089 Moving Columns will alter column definition

* sf#4091 Insert ignore option does not work

* sf#4090 Downloading BLOB downloads page template

* sf#4092 Clicking on table name in view of information_schema redirects to wrong page

* sf#4079 Copy Table Add AUTO_INCREMENT value checkbox not working

* sf#4088 MySQL server version at index.php incorrect w/ controlhost

* sf#4001 Import error: Class \'ImportOds\' not found

* sf#3986 Missing DROP VIEW button

Sat Sep 7 14:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.6 (2013-09-05)

* sf#4036 Call to undefined function mb_detect_encoding (clarify the doc)

* sf Missing hints when changing a column\'s structure

* sf#4048 Cannot select foreign value in Search

* sf#4025 gzip export is not actually compressed with mod_deflate

* sf#4054 query analysis doesn\'t launch in status monitor

* Add pmahomme icon credits (FamFamFam silk icon set)

* sf#4064 Table structure statistics \"Space usage\" caption too small for l10n

* sf#4051 Wrong tabindex when inserting rows

* sf#4066 varchar field not truncated in table browse mode

* rfe #1435 Opening database should expand it in the navigation menu

* (performance) Removed ShowTooltip directive

* sf#4046 Exporting huge Tables causes memory-Problems

Wed Aug 7 14:00:00 2013 chrisAATTcomputersalat.de
- fix for bnc#833731

* PMASA-2013-10 (CVE-2013-5029 CWE-661 CWE-693)
http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php

Mon Aug 5 14:00:00 2013 obsAATTladisch.de
- update to 4.0.5 (2013-08-04)

* sf#3977 Not detected configuration storage

* sf#3970 Pressing enter in the filter field reloads page

* sf#3984 Cannot insert in this table (PHP < 5.4)

* sf#3989 Reloading privileges does not update the interface

* sf#3960 NavigationBarIconic config not honored

* sf#3985 Call to undefined function mb_detect_encoding

* sf#4007 Analyze option not shown for InnoDB tables

* sf#4015 Forcing a storage engine for configuration storage

* bug Incorrect Drizzle 7 detection

* sf#4019 Create database if not exists (export): add an option to the
interface to enable generating CREATE DATABASE and USE (false by default)

* sf#4012 Crash on CSV file import

* sf#4009 Statistic Monitor shows only last 3 digits in graph

* sf#3998 Non-permanent SQL history not working

* sf#3578 Transformations for text/plain on a BLOB column

* [security] Improved protection against cross framing, see PMASA-2013-10
(CVE-2013-5029 CWE-661 CWE-693)

* Reinstated configuration directive: AllowThirdPartyFraming
- fix for bug sf#4038: PMASA-2013-8 not mentioned in 4.0.4.2 changes
- add CVEs to 4.0.4.2 changes

Mon Jul 29 14:00:00 2013 chrisAATTcomputersalat.de
- fix for bnc#831896

* multiple XSS issues (+ a SQL injection and full path disclosure flaw)

* fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79)

* fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80)

* fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79)

* fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200)

* fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80)

* fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79)

* fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269)
- update to 4.0.4.2 (2013-07-28)

* [security] fix unescaped parameter, see PMASA-2013-8

* [security] Fix stored XSS in Server status monitor, see PMASA-2013-9

* [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9

* [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9

* [security] Fix full path disclosure, see PMASA-2013-12

* [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15

* [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15

* [security] Fix self-XSS in schema export, see PMASA-2013-14

* [security] Fix unencoded json object, see PMASA-2013-11

* [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13

Wed Jul 3 14:00:00 2013 obsAATTladisch.de
- update to 4.0.4.1 (2013-06-30)

* [security] Global variables scope injection vulnerability
(PMASA-2013-7, CVE-2013-4729)

Tue Jun 18 14:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.4 (2013-06-17)

* sf#3959 Using DefaultTabDatabase in NavigationTree for Database Click

* sf#3961 Avoid Suhosin warning when in simulation mode

* sf#3897 Row Statistics and Space usage bugs

* sf#3966 Only display \"table has no unique column\" message when applicable

* sf#3960 NavigationBarIconic config not honored

* sf#3965 Default language wrong with zh-TW

* sf#3921 Call to undefined function PMA_isSuperuser() if default server is not set

* sf#3971 Ctrl/shift + click opens links in same window

* sf#3964 Import using https does not work

* fix bug Missing removeCRLF option in ExportCsv and ExportExcel plugins

* sf#3631 Drop not working Visio schema export.

* sf#3645 Better handling of invalid ODS documents

* sf#3976 Number of pages

* sf#3922 User privileges, database name unescaped

Wed Jun 12 14:00:00 2013 chrisAATTcomputersalat.de
- fix changelog

* add missing \'fix for bnc#xxxxxx

Thu Jun 6 14:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.3 (2013-06-05)

* sf#3941 Recent tables list always empty

* sf#3933 Do not translate \"Open Document\" in export settings

* sf#3927 List of tables is missing after expanding in the navigation frame

* sf#3942 Warnings about reserved word for many non reserved words

* sf#3912 Exporting row selection, resulted by ORDER BY query

* sf#3957 Cookies must be enabled past this point

* sf#3956 \"Browse foreign values\" search filter / page selector not working

* sf#3579 NOW() function incorrectly selected (partial regression)

* [security] Javascript execution vulnerability in Create view,
reported by Maxim Rupp (see PMASA-2013-6)
- fix for bnc#824306

* PMASA-2013-6 (CVE-2013-3242)

Sat May 25 14:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.2 (2013-05-24)

* sf#3902 Cannot browse when table name contains keyword \"call\"

* center loading indicator for navigation refresh, related to bug #3920

* sf#3925 Table sorting in navigation panel is case-sensitive

* sf#3915 Import of CSV file (Replace table data with file) with duplicate values

* sf#3907 undefined variables, function parameter problems

* sf#3898 Structure not refreshed after column drop

* sf#3926 View is not updatable

* sf#3919 PropertiesIconic not honored

* sf#3930 Databases to choose for specific privileges show up escaped

* sf#3910 Export database with empty table as a php array, does not produce valid PHP

* sf#3936 Query profiler chart not loading from SQL Query page

* sf#3946 Missing CSV import option \"Do not abort on INSERT error\"

* sf#3943 Missing Operations>Table options>AUTO_INCREMENT

* bug Missing CREATE DATABASE statement when exporting at database level

* sf#3924 Show warning when CSV file does not contain data for all columns

* sf#3947 Missing Sql Query after modify structure

* sf#3948 Server export problems

* sf#3917 CountTables directive is deprecated

Wed May 15 14:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.1.0 (2013-05-14)

* sf#3879 Import broken for CSV using LOAD DATA

* sf#3889 When login fails and error display is active, login data is displayed

* sf#3890 [import] Web server upload directory import fails

* sf#3891 [import] Server upload folder import file name missing in success message

* rfe #1421 [auth] Add retry button on connection failure with config auth

* sf#3894 [interface] Provide feedback if no columns selected for multi-submit

* sf#3799 [interface] Incorrect select field change on ctrl key navigation in Firefox

* sf#3885 [browse] display_binary_as_hex option causes unexpected behavior

* sf#3899 Git commit links to Github missing

* sf#3900 CSP WARN in Firefox console

* sf#3901 Setup script warning for config auth (stored login data) shows link BBcode

* sf#3895 [browse] Fixed getting BLOB data

* sf#3905 [export] Custom Exporting exports all databases

* sf#3909 [import] Import of CSV FIle to selected table doesn\'t work

* sf#3904 Browsing an empty table should not display its Structure

* sf#3908 Calendar widget improperly redirects to home

* sf#3918 Greyed out tabs when there are no rows fixed

* sf#3916 [interface] Missing scrollbar (original theme)

* [vendor] add tcpdf path to vendor_config.php

* bug fix compat with tcpdf >= 6.0 (tested with 6.0.012)

Fri May 3 14:00:00 2013 ecsosAATTopensuse.org
- update to 4.0.0 (2013-05-03)

* Patch #3481047 for rfe #3480477 Insert as new row enhancement

* Patch #3480999 Activate codemirror in the query window

* Patch #3495284 XML Import - fix message and redirect

* rfe #3484063 Null checkbox behavior

* Patch #3497179 Contest-5: Add user: Allow create DB w/same name + grant u_%

* Patch #3498201 Contest-6: Export all privileges

* Patch #3502814 for rfe #3187077 Change password buttons should match

* rfe #3488640 Expand table-group in non-light navigation frame if only one

* Patch #3509360 Contest-3: Option \"Truncate table\" before \"insert\"

* Patch #3506552 Contest-2: Show index information in the data dictionary

* Patch #3510656 Contest-1: Ignoring foreign keys while dropping tables

* sf#3509686 Reverting sort on joined column does not work

* New transformation: append string

* rfe #3507804 Session upload progress (PHP 5.4)

* rfe #3488185 draggable columns vs copy column name

* Patch #3507001 Contest-4: Textarea for large character columns

* Removed the PHP version of the ENUM editor

* Patch #3507111 Display distinct results, linked to corresponding data rows

* sf#3507917 [export] JSON has unescaped values for allegedly numeric columns

* rfe #3516187 show tables creation, last update, last check timestamps in db_structure

* sf#3059806 Supporting running from CIFS/Samba shares

* sf#3516341 [export] Open Document Text, Word and Texy! Text show table structure twice

* sf [export] Texy! Text: Columns containing Pipe Character don\'t export properly

* [export] Show triggers in Open Document Text, Word and Texy! Text

* Patch #3415061 [auth] Login screen appears under the page

* rfe #3517354 [interface] Allow disabling CodeMirror with $cfg[\'CodemirrorEnable\'] = false

* rfe #3475567 [interface] New directive $cfg[\'HideStructureActions\']

* sf#3468272 [import] Fixed import of ODS with more paragraphs in a cell

* sf#3510196 [core] Improved redirecting with ForceSSL option

* rfe #3518852 [edit] edit blob but not other binary, new option $cfg[\'ProtectBinary\'] = \'noblob\'

* Hide language select box if there are no locales installed

* Removed some directives: verbose_check, SuggestDBName, LightTabs,
VerboseMultiSubmit, ReplaceHelpImg

* Patch #3500882 Fixing checkbox behaviour while editing identical rows

* rfe #3441722 [interface] Display description of datatypes

* rfe #3517835 [structure] Move columns easily

* Ajaxified \"Create View\" functionality

* [import] New plugin: import mediawiki

* New navigation system

* Discontinued the use of a frame-based layout

* rfe #3528994 [interface] Allow wrapping possibly long values in replication-status table

* [interface] Autoselect username input on cookie login page

* sf#3563799 [interface] Grid editing destroying huge amount of data

* [import] Remove support for the unactive docSQL import format

* sf#3577443 [edit] \"Browse foreign values\" does not show on ajax edit

* rfe #3522109 [browse] Grid editing: action to trigger it (or disable)

* sf#3526598 [interface] SQL query not shown when creating table

* Dropped configuration directive: AllowThirdPartyFraming

* Dropped configuration directive: LeftFrameLight

* Dropped configuration directive: DisplayDatabasesList

* Dropped configuration directives: ShowTooltipAliasDB and ShowTooltipAliasTB

* Dropped configuration directive: NaviDatabaseNameColor

* Added configuration directive: MaxNavigationItems

* Renamed configuration directive: LeftFrameDBTree => NavigationTreeEnableGrouping

* Renamed configuration directive: LeftFrameDBSeparator => NavigationTreeDbSeparator

* Renamed configuration directive: LeftFrameTableSeparator => NavigationTreeTableSeparator

* Renamed configuration directive: LeftFrameTableLevel => NavigationTreeTableLevel

* Renamed configuration directive: LeftPointerEnable => NavigationTreePointerEnable

* Renamed configuration directive: LeftDefaultTabTable => NavigationTreeDefaultTabTable

* Renamed configuration directive: LeftDisplayTableFilterMinimum => NavigationTreeDisplayTableFilterMinimum

* Renamed configuration directive: LeftDisplayLogo => NavigationDisplayLogo

* Renamed configuration directive: LeftLogoLink => NavigationLogoLink

* Renamed configuration directive: LeftLogoLinkWindow => NavigationLogoLinkWindow

* Renamed configuration directive: LeftDisplayServers => NavigationDisplayServers

* Renamed configuration directive: LeftRecentTable => NumRecentTables

* Renamed configuration directive: LeftDisplayDatabaseFilterMinimum => NavigationTreeDisplayDbFilterMinimum

* Removed the \"Mark row on click\" feature; must now click the checkbox to mark

* Removed the \"Synchronize\" feature

* Improved layout of server variables page

* rfe #1052091 [config] Double-underscores in PMA table names

* Improved the \"More\" dropdown on the table structure page

* [interface] Added \"scroll to top\" link in menubar

* [designer] Fullscreen mode for the designer

* Upgraded jquery to v1.8.3 and jquery-ui to v1.9.2

* Patch #3597529 [status] Add raw value as title on server status page

* Support MySQL 5.6 partitioning

* Removed the AjaxEnable directive

* rfe #3542567 Accept IPv6 ranges and IPv6 CIDR notations in $cfg[\'Servers\'][$i][\'AllowDeny\'][\'rules\']

* sf#3576788 Grid editing shows the value before silent truncation

* Upgraded jqPlot to 1.0.4 r1121

* Upgraded to jquery-ui-timepicker-addon 1.1.1

* rfe #3599046 [interface] Added comments for indexes

* Replaced qtip with jQuery UI tooltip

* Upgraded CodeMirror to 2.37

* sf#2951 [export] Correctly export decimal fields.

* sf#3762 [core] Make Advisor work on Windows withou COM extension.

* sf#3519 [export] Prevent infinite recursion in PDF export.

* sf#3827 Table specific privileges not displayed for db name containing underscore

* rfe #1386 Add IF NOT EXISTS clause when copying database

* No longer package .travis.yml configuration file when creating a release.

* sf#3830 Can\'t export custom query because it lowercases table names

* sf#3829 Enabling query profiling crashes javascript based navigation

* rfe #879 Reserved word warning

* Remove the database ordering sub-feature of the only_db directive

* sf#3840 When exporting to gzip format, the data is compressed 2 times

* rfe #1319 Permit to create index when creating foreign key

* sf#3703 Incorrect updating of the list of users

* sf#3853 Blowfish implementation might be broken (replace with phpseclib)

* sf#3865 Using like operator on each backslash needs 4 backslash protection

* sf#3860 Displayed git revision info is not set

* sf#3871 Check referential integrity broken across databases

* sf#3874 [export] No preselected option when exporting table

* sf#3873 Can\'t copy table to target database if table exists there

* sf#3683 Incorrect listing of records from to count

* sf#3876 [import] PHP 5.2 - unexpected T_PAAMAYIM_NEKUDOTAYIM

* [security] Local file inclusion vulnerability, reported by Janek Vind
(see PMASA-2013-4)

* [security] Global variables overwrite in export.php, reported by Janek Vind
(see PMASA-2013-5)

* sf#3892 [export] SQL Export files are empty
- fix for bnc#824304

* PMASA-2013-4 (CVE-2013-3240)
- fix for bnc#824305

* PMASA-2013-5 (CVE-2013-3241)

Wed Apr 24 14:00:00 2013 ecsosAATTopensuse.org
- update to 3.5.8.1 (2013-04-24)

* [security] Remote code execution (preg_replace), reported by Janek Vind
(see PMASA-2013-2)

* [security] Locally Saved SQL Dump File Multiple File Extension Remote Code
Execution, reported by Janek Vind (see PMASA-2013-3)
- fix for bnc#824301

* PMASA-2013-2 (CVE-2013-3238)
- fix for bnc#824302

* PMASA-2013-3 (CVE-2013-3239)

Mon Apr 8 14:00:00 2013 ecsosAATTopensuse.org
- update to 3.5.8 (2013-04-08)

* sf#3828 MariaDB reported as MySQL

* sf#3854 Incorrect header for Safari 6.0

* sf#3705 Attempt to open trigger for edit gives NULL

* Use HTML5 DOCTYPE

* [security] Self-XSS on GIS visualisation page, reported by Janek Vind
see PMASA-2013-1

* sf#3800 Incorrect keyhandler behaviour #2
- fix for bnc#814678

* PMASA-2013-1 (CVE-2013-1937)

Fri Mar 15 13:00:00 2013 chrisAATTcomputersalat.de
- update to 3.5.7.0 (2013-02-15)

* sf#3779 [core] Problem with backslash in enum fields

* sf#3816 Missing server_processlist.php

* sf#3821 Safari: white page

* Correct detection of the Chrome browser

Mon Feb 4 13:00:00 2013 drahtAATTsuse.de
- update to 3.5.6.0 (2013-01-28)

* sf#3593604 [status] Erroneous advisor rule

* sf#3596070 [status] localStorage broken in server status monitor

* sf#3598736 [routines] Editing a procedure with special characters

* sf#3600322 [core] Visualize GIS data throws Fatal Error

* sf#3599362 [core] Double-escaped error message

* sf#3776 [cookies] Login without auth on second server

Wed Jan 16 13:00:00 2013 chrisAATTcomputersalat.de
- update to 3.5.5.0 (2012-12-21)

* sf#3563824 [export] Support Apache\'s mod_deflate

* sf#3585523 [interface] Inline query editing broken after row update

* sf#3586389 [setup] Cannot switch language in /setup

* sf#3585695 [CSS] Font size in inline query editor is way too big

* sf#3588354 [l10n] Portuguese Language not displaying correctly

* sf#3591412 [status] Live charts don\'t work for non-default server

* sf[core] Proxy ajax calls to pma.net to avoid browser notices

* sf#3593534 [tracking] Structure Snapshot on tracked view renders
invalid SQL

* sf#3544366 [events] Event comments not saved

Sat Dec 15 13:00:00 2012 chrisAATTcomputersalat.de
- update to 3.5.4.0 (2012-11-16)

* sf#3570212 [edit] uuid_short() is a no-arguments function

* sf#3569577 [edit] Add routine parameter headers not valid for
\"function\"

* sf#3575799 [search] Various search operators not working as
expected

* sf#3576322 [search] Invalid select query generated for tables with
ENUM fields

* sf#3577468 [display] Incorrect imagejpeg Syntax Breaks Image
Transformation

* sf#3578776 [search] Editing SQL not possible when no records found

* sf#3571970 [interface] Display chart and number of rows to plot

* sf#3582631 [core] Wrong redirect url caused cookies error with
ForceSSL

Mon Nov 5 13:00:00 2012 chrisAATTcomputersalat.de
- update to 3.5.3.0 (2012-10-08)

* sf#3539044 [interface] Browse mode \"Show\" button gives blank page
if no results anymore

* sf#3534979 [interface] Copy Database Ajax feedback vanishes long
before copying is done

* sf#3527531 [interface] GC-maxlifetime warning incorrectly
displayed

* sf#3526916 [interface] Search fails with JS error when tooltips
disabled

* sf#3544366 [interface] Event comments not saved

* sf#3549084 [edit] Can\'t enter date directly when editing inline

* sf#3548491 [interface] Inline query editor doesn\'t work from
search results

* sf#3547825 [edit] BLOB download no longer works

* sf#3541966 [config] Error in generated configuration arrray

* sf#3553551 [GUI] Invalid HTML code in multi submits confirmation
form

* [interface] Designer sometimes places tables on the top menu

* sf#3546277 [core] Call to undefined function __() when config file
has wrong permissions

* sf#3540922 [edit] Error searching table with many fields

* sf#3555104 [edit] Cannot copy a DB with table and views

* sf#3559925 [privileges] Incorrect updating of the list of users

* sf#3561224 [edit] cell edit date field with empty date fills in
current date

* sf#3559955 [edit] current_date from function drop down fails on
update

* sf#3562472 add support for Solaris and FreeBSD system load and
memory display in server status

* sf#3553068 [import] Table import from XML file fails

* replace Highcharts with jqplot for Display chart

* sf#3567684 [edit] Pasting value doesn\'t clear null checkbox

* sf#3570786 [edit] Datepicker for date and datetime fields is
broken
- fix for bnc#788103

* PMASA-2012-6 (CVE-2012-5339)
o http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php

* PMASA-2012-7 (CVE-2012-5368)
o http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php

Tue Aug 21 14:00:00 2012 chrisAATTcomputersalat.de
- update to 3.5.2.2 (2012-08-12)
- [security] Fixed XSS vulnerabilities,
see PMASA-2012-4
- update to 3.5.2.1 (2012-08-03)
- [security] Fixed local path disclosure vulnerability,
see PMASA-2012-3
- fix for bnc#776701

* PMASA-2012-4 (CVE-2012-4345)
- fix for bnc#776698

* PMASA-2012-3 (CVE-2012-4219)

Sun Jul 8 14:00:00 2012 chrisAATTcomputersalat.de
- udpate to 3.5.2 (2012-07-07)

* bug sf#3521416 [interface] JS error when editing index

* bug sf#3521313 [core] Call to undefined function __()

* bug sf#3521016 [edit] NOW() function incorrectly selected

* bug [GUI] Invalid HTML code on transformation_overview.php

* bug sf#3522930 [browse] Missing validation in Ajax mode

* bug Fix popup message on build SQL of import

* bug sf#3523499 [core] Make X-WebKit-CSP work better

* replace Highcharts with jqplot for query profiling, zoom search

* bug sf#3531584 [interface] No form validation in change password
dialog

* bug sf#3531585 [interface] Broken password validation in copy user
form

* bug sf#3531586 [unterface] Add user form prints JSON when user
presses enter

* bug sf#3534121 [config] duplicate line in config.sample.inc.php

* bug sf#3534311 [interface] Grid editing incorrectly parses
ENUM/SET values

* bug sf#3510196 [core] More clever URL rewriting with ForceSSL
- rebase config patch

Sun Jun 3 14:00:00 2012 chrisAATTcomputersalat.de
- update to 3.5.1.0 (2012-05-03)

* bug sf#3510784 [edit] Limit clause ignored when sort order is
remembered

* bug sf#3511471 [interface] View name not seen in navi panel
(MySQL 5.1)

* bug sf#3512916 [display] Right frame reloads after displaying SQL
result(zero rows)

* bug [interface] Fixed missing Codemirror for inline query edit
when exporting a result set

* bug sf#3514490 [auth] Multiple Navigation panels bug still present

* bug sf#3515181 [users] Error in create user + underscore + create
database

* bug sf#3515666 [display] Profiling chart shows wrong data

* bug sf#3516037 [auth] JS includes missing in auth config error page

* bug sf#3516183 [display] Missing image extension

* bug [display] Added missing icons in original theme

* bug sf#3516761 [edit] Query error after search

* bug sf#3516405 [display] Chart title is getting wrong within chart
export

* bug sf#3517021 [interface] Header links except \'More\' hide after
closing dialog

* bug sf#3516817 [interface] \"More\" actions in table structure

* bug sf#3518484 [privileges] PMA_sqlAddSlashes() does not quote the
table names correctly

* bug sf#3518983 [designer] Error messages do not appear in the
Designer

* bug sf#3519747 [interface] Suhosin patch warning incorrectly
displayed

* bug sf#3520107 [interface] Server status page: Incorrect dialog box
titles

* bug sf#3516089 [structure] DROP does not work on defective VIEWs
- rebase config patch

* remove version from patch name

* add missing options

Thu Apr 26 14:00:00 2012 chrisAATTcomputersalat.de
- update to 3.4.11.0

* bug sf#3486970 [import] Exception on XML import

* bug sf#3488777 [navi] $cfg[\'ShowTooltipAliasTB\'] and blank names
in navigation

* bug sf#3512565 [navi] Fixed missing word \"Rows\" in table list
tooltip after click

Mon Apr 2 14:00:00 2012 chrisAATTcomputersalat.de
- update to 3.4.10.2 (fix for bnc#755211)
- [security] Fixed local path disclosure vulnerability,
see PMASA-2012-2
http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php

Thu Feb 23 13:00:00 2012 chrisAATTcomputersalat.de
- fix changelog

* rename bugs , patches (\"{bug,patch} #....\") to fit into
bug naming scheme -> \"sf#....\"

Mon Feb 20 13:00:00 2012 chrisAATTcomputersalat.de
- update to 3.4.10.1 (fix for bnc#747841)

* [security] XSS in replication setup, see PMASA-2012-1
- 3.4.10.0 (2012-02-14)

* sf#3460090 [interface] TextareaAutoSelect feature broken

* sf#3375984 [export] PHP Array export might generate invalid php
code

* sf#3049209 [import] Import from ODS ignores cell that is the same
as cell be fore

* sf#3463933 [display] SELECT DISTINCT displays wrong total records
found

* sf#3458944 [operations] copy table data missing
SET SQL_MODE=\'NO_AUTO_VALUE_ON_ZERO\'

* sf#3469254 [edit] Setting data to NULL and drop-downs

* sf#3477063 [edit] Missing set fields and values in generated
INSERT query

* sf#3460867 [libraries] license issue with TCPDF
(updated to 5.9.145), (fix for bnc#736698)

Wed Dec 28 13:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.9
- sf#3442028 [edit] Inline editing enum fields with null shows no dropdown
- sf#3442004 [interface] DB suggestion not correct for user with underscore
- sf#3438420 [core] Magic quotes removed in PHP 5.4
- sf#3398788 [session] No feedback when result is empty (signon auth_type)
- sf#3384035 [display] Problems regarding ShowTooltipAliasTB
- sf#3306875 [edit] Can\'t rename a database that contains views
- sf#3452506 [edit] Unable to move tables with triggers
- sf#3449659 [navi] Fast filter broken with table tree
- sf#3448485 [GUI] Firefox favicon frameset regression
- [core] Better compatibility with mysql extension
- [security] Self-XSS on export options (export server/database/table),
see PMASA-2011-20
- [security] Self-XSS in setup (host parameter), see PMASA-2011-19
- fix for bnc#738411

* PMASA-2011-19 (CVE-2011-4780)

* PMASA-2011-20 (CVE-2011-4782)
- rework config patch

Fri Dec 16 13:00:00 2011 chrisAATTcomputersalat.de
- fix changelog

* add missing info for bnc#736772
- fix fdupes

* reduce fdupes to affected files only (./libraries,./themes)

Tue Dec 13 13:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.8
- sf#3425230 [interface] enum data split at space char (more space to edit)
- sf#3426840 [interface] ENUM/SET editor can\'t handle commas in values
- sf#3427256 [interface] no links to browse/empty views and tables
- sf#3430377 [interface] Deleted search results remain visible
- sf#3428627 [import] ODS import ignores memory limits
- sf#3426836 [interface] Visual column separation
- sf#3428065 [parser] TRUE not recognized by parser
+ sf#3433770 [config] Make location of php-gettext configurable
- sf#3430291 [import] Handle conflicts in some open_basedir situations
- sf#3431427 [display] Dropdown results - setting NULL does not work
- sf#3428764 [edit] Inline edit on multi-server configuration
- sf#3437354 [core] Notice: Array to string conversion in PHP 5.4
- [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the
view name in main panel db Structure page
- sf#3439292 [core] Fail to synchronize column with name of keyword
- sf#3425156 [interface] Add column after drop
- [interface] Avoid showing the password in phpinfo()\'s output
- sf#3441572 [GUI] \'newer version of phpMyAdmin\' message not shown in IE8
- sf#3407235 [interface] Entering the key through a lookup window does not
reset NULL
- [security] Self-XSS on database names (Synchronize), see PMASA-2011-18
- [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18
- [security] Self-XSS on column type (Create index), see PMASA-2011-18
- [security] Self-XSS on column type (table Search), see PMASA-2011-18
- [security] Self-XSS on invalid query (table overview), see PMASA-2011-18
- fix for bnc#736772 (CVE-2011-4634, PMASA-2011-18)

Mon Nov 14 13:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.7.1 (fix for bnc#728243)
- [security] Fixed possible local file inclusion in XML import
(CVE-2011-4107), see PMASA-2011-17
http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php

Wed Oct 26 14:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.7
- sf#3418610 [interface] Links in navigation when
$cfg[\'MainPageIconic\'] = false
- sf#3418849 [interface] Inline edit shows dropdowns even after closing
- bug [view] View renaming did not work
- bug [navi] Wrong icon for view (MySQL 5.5)
- sf#3420229 [doc] Missing documentation section
- sf#3423725 [pdf] Broken PDF file when exporting database to PDF
- [core] Allow to set language in URL
- sf#3425184 [doc] Fix links to PHP documentation
- sf#3426031 [export] Export to bzip2 is not working
- 3.4.6.0 (2011-10-16)
- sf#3404173 InnoDB comment display with tooltips/aliases
- sf#3404886 [navi] Edit SQL statement after error
- sf#3403165 [interface] Collation not displayed for long enum fields
- sf#3399951 [export] Config for export compression not used
- sf#3400690 [privileges] DB-specific privileges won\'t submit
- sf#3410604 [config] Configuration storage incorrect suggested table name
- sf#3383572 [interface] Cannot execute saved query
- sf#3411535 [display] Full text button unchecks results display options
- sf#3411224 [display] Broken binary column when \'Show binary contents\'
is not set
- sf#3411633 [core] Call to undefined function PMA_isSuperuser()
- sf#3413743 [interface] Display options link missing after search
- sf#3324161 [core] CSP policy causing designer JS buttons to fail
- sf#3412862 [relation] Relations/constraints are dropped/created
on every change
- sf#3390832 [display] Delete records from last page breaks search
- sf#3392150 [schema] PMA_User_Schema::processUserChoice() is broken
- sf#3414744 [core] External link fails in 3.4.5
- sf#3314626 [display] CharTextareaRows is not respected
- sf#3417089 [synchronize] Extraneous db choices
- [security] Fixed local path disclosure vulnerability, see PMASA-2011-15
- [security] Fixed XSS in setup (host/verbose parameter), see PMASA-2011-16

Tue Oct 4 14:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.5
- sf#3375325 [interface] Page list in navigation frame looks odd
- sf#3313235 [interface] Error div misplaced
- sf#3374802 [interface] Comment on a column breaks inline editing
- sf#3383711 [display] Order by a column in a view doesn\'t work
in some cases
- sf#3386434 [interface] Add missing space to server status
- [core] Remove library PHPExcel, due to license issues
- [export] Remove native Excel export modules (xls and xlsx formats)
- [import] Remove native Excel import modules (xls and xlsx formats)
- sf#3392920 [edit] BLOB emptied after editing another column
- [security] Fixed XSS in Inline Edit on save action, see PMASA-2011-14
- [security] Fixed XSS with db/table/column names, see PMASA-2011-14

Sat Aug 27 14:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.4
- sf#3323060 [parser] SQL parser breaks AJAX requests if query has unclosed
quotes
- sf#3323101 [parser] Invalid escape sequence in SQL parser
- sf#3348995 [config] $cfg[\'Export\'][\'asfile\'] set to false does not select
as Text option
- sf#3340151 [export] Working SQL query exports error page
- sf#3353649 [interface] \"Create an index on X columns\" form not validated
- sf#3350790 [interface] JS error in Table->Structure->Index->Edit
- sf#3353811 [interface] Info message has \"error\" class
- sf#3357837 [interface] TABbing through a NULL field in the inline mode
resets NULL
- remove version number in /setup
- sf#3367993 [usability] Missing \"Generate Password\" button
- sf#3363221 [display] Missing Server Parameter on inline sql query
- sf#3367986 [navi] Drop field -> lost active table
- remove misleading comment on the \"Rename database\" interface
- sf#3374374 [interface] Fix footnote for inexact count while browsing
- sf#3372807 [interface] Fix security warning link in setup
- sf#3374347 [display] Backquotes in normal text on import page
- sf#3358750 [core] With Suhosin, urls are too long in edit links
- [security] Missing sanitization on the table, column and index names leads to
XSS vulnerabilities, see PMASA-2011-13

Fri Jul 29 14:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.3.2
o PMASA-2011-9 to PMASA-2011-12
http://www.phpmyadmin.net/home_page/security/

Mon Jul 4 14:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.3.1
- [security] Fixed possible session manipulation in swekey
authentication, see PMASA-2011-5
- [security] Fixed possible code injection incase session variables
are compromised, see PMASA-2011-6
- [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
- [security] Fixed filtering of a file path, which allowed for
directory traversal, see PMASA-2011-8
- 3.4.3.0 (2011-06-27)
- sf#3311170 [sync] Missing helper icons in Synchronize
- sf#3304473 [setup] Redefine a lable that was wrong
- sf#3304544 [parser] master is not a reserved word
- sf#3307616 [edit] Inline edit updates multiple duplicate rows
- sf#3311539 [edit] Inline edit does not escape backslashes
- sf#3313210 [interface] Columns class sometimes changed for nothing
- sf#3313326 [interface] Some tooltips do not disappear
- sf#3315720 [search] Fix search in non unicode tables
- sf#3315741 [display] Inline query edit broken
- sf#3317206 [privileges] Generate password option missing on new accounts
- sf#3317293 [edit] Inline edit places HTML line breaks in edit area
- sf#3319466 [interface] Inline query edit does not escape special characters
- minor XSS (require a valid token)
- add restart_on_update apache to post

Wed Jun 22 14:00:00 2011 chrisAATTcomputersalat.de
- fix changelog
o update to 3.4.2.0 -> update to 3.4.2
- fix bnc#697748 (suhosin customization)
o moved from spec\'s %post to http_conf file

Thu Jun 9 14:00:00 2011 jweberhoferAATTweberhofer.at
- update to 3.4.2
- sf#3301249 [interface] Iconic table operations does not remove inline edit label
- sf#3303869 [interface] Unnecessary scrolling on Databases page
- sf#3303813 [setup] Define a label that was missing
- sf#3305606 [interface] Show all button wraps on privileges page
- sf#3305517 [config] Config for export compression not used
- sf#3305883 [interface] Table is dropped regardless of confirmation
- [auth] Fixed error handling for signon auth method.
- sf#3276001 [core] Avoid caching of index.php.
- sf#3306958 [interface] Unnecessary Details slider
- sf#3308476 [interface] \"Show all\" not persistent after a sort
- sf#3308072 [auth] Version disclosure to anonymous visitors
- sf#3306981 [interface] pmahomme and table statistics

Tue May 24 14:00:00 2011 chrisAATTcomputersalat.de
- update to 3.4.1
- bug sf#3301108 [interface] Synchronize and already configured host
- bug sf#3302457 Inline edit and $cfg[\'PropertiesIconic\']
- Patch #3302313 Show a translated label
- bug sf#3300981 [navi] Table filter is case sensitive
- bug sf#3285929 [privileges] Revert temporary fix
- bug sf#3302872 [synchronize] Synchronize and user name
- bug sf#3302733 [core] Some browsers report an insecure https connection
- [security] Make redirector require valid token
- rework config patch
- removed 3.3.8, added 3.4.1 config patch
- added conftrib to doc
- mod post section
o modify suhosin.ini

Sat Mar 19 13:00:00 2011 chrisAATTcomputersalat.de
- update to 3.3.10
- patch sf#3147400 [structure] Aria table size printed as unknown,
thanks to erickoh75 - erickoh75
- patch sf#3150164 [structure] Ordering by size gives incorrect results,
thanks to Madhura Jayaratne - madhuracj
- bug sf#3153409 [core] 0 row(s) affected
- bug sf#3155842 [core] Edit relational page and page number
- [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10
- [lang] German update, thanks to jannicarsAATTusers.sourceforge.net.

Wed Feb 23 13:00:00 2011 chrisAATTcomputersalat.de
- update to 3.3.9.2
- [security] SQL injection, see PMASA-2011-2
- 3.3.9.1 (2011-02-08)
- [security] Path disclosure, see PMASA-2011-1
- add macros for ap_usr, ap_grp
- fix perm on sysconfdir
o 0750,root,www

Thu Jan 27 13:00:00 2011 chrisAATTcomputersalat.de
- update to 3.3.9
- bug [doc] Fix references to MySQL doc
- sf#3101490 Default function for TIMESTAMP, thanks to jirand - jirand
- sf#3103853 [js] Double quotes were not escaped in generated js
- sf#3077463 [core] Events were not copied when copying/renaming database
- sf#1762306 [core] Copy database with view of a view
- sf#3117535 [replication] Add quotes to database in initial statement,
thanks to Craig Duncan - duncan3dc
- sf#3112614 [pdf schema] Scratchboard for PDF pages not working
- sf#3125606 [parser] Query for table \"level\" causes strange display
- sf#3127904 [parser] Close all opened round brackets indents
- removed Authors from spec

Fri Dec 3 13:00:00 2010 chrisAATTcomputersalat.de
- update to 3.3.8.1
- sf#3115519 (private) [security] XSS on db search, see PMASA-2010-8
- rework config patch
o add AllowNoPassword

Wed Oct 27 14:00:00 2010 javierAATTopensuse.org
- update to 3.3.8
- sf#3059311 [import] BIGINT field type added to table analysis
- [core] Update library PHPExcel to version 1.7.4
- sf#3062455 [core] copy procedures and routines before tables
- sf#3062455 [export] with SQL, export procedures and routines before tables
- sf#3056023 [import] USE query not working
- sf#3038193 [display] Error when editing row with GEOMETRY column
- sf#3062454 [interface] Display routines/events also when no tables are defin
ed
- support ARIA storage engine as well as its previous name MARIA

Wed Sep 22 14:00:00 2010 mciharAATTsuse.cz
- update to 3.3.7

Wed Jul 7 14:00:00 2010 chrisAATTcomputersalat.de
- update to version 3.3.4
- sf#2996161 [import] properly escape import value
- sf#2998889 [import] Import button does not work in Catalan
- [browse] Fix handling of sort order if only column is specified.
+ [lang] Greek update, thanks to Panagiotis Papazoglou - panos78
+ [lang] Updated lot of translation based on work done in master branch.
- sf#3008411 [databases] Last dropped database remains active in navi
- sf#2986383 [parser] Not all data being shown / counted
- bug [synchronize] Rows were deleted in target table regardless of the
\"Would you like to delete...\" option
- bug [privileges] List of tables not shown when the db name has a wildcard
- sf#3011126 [display] Edit link missing after long query
- sf#3013264 [doc] FAQ 1.40 uses a comma instead of a period,
thanks to Isaac Bennetch - ibennetch
- [engines] Fix getting InnoDB status.
- sf#2986422 [import] Results for query are not displayed

Fri May 21 14:00:00 2010 chrisAATTcomputersalat.de
- update to version 3.3.3
- sf#2982480 [navi] Do not group if there would be one table in group
- sf#2983492 [sync] When asking to synchronize Structure and Data,
only Structure is done
- sf#2984893 [engines] InnoDB storage page emits a warning
- sf#2974687, sf#2974692 [compatibility] PHPExcel : IBM AIX iconv() does not work
- sf#2983066 [interface] Flush table on table operations shows the query twice
- sf#2983060, sf#2987900 [interface] Fix initial state of tables in
designer
- sf#2983062, sf#2989408 [engines] Fix warnings when changing table
engine to Maria
- sf#2974067 [display] non-binary fields shown as hex
- sf#2983065 [operations] Error when changing from Maria to MyISAM engine
- sf#2975408 [tracking] Data too long for column data_sql
- bug [tracking] Tracking report should obey MaxCharactersInDisplayedSQL
- bug [edit] Avoid selecting UNHEX function by default for a BLOB column for
which editing is protected
- sf#2994168 [structure] Show auto_increment in uppercase
- sf#2993970 [pdf schema] Page numbering in Table of Contents
- 3.3.2.0 (2010-04-13)
- sf#2969449 [core] Name for MERGE engine varies depending on the
MySQL version, thanks to Dieter Adriaenssens - ruleant
- sf#2966078 [browse] Incorrect LIMIT is saved and sticks while browsing
- sf#2967366 [Structure] Some results of Propose table structure are
shown in hex
- sf#2967565 [insert] UNHEX not selected by default when inserting BINARY
- [navi] Changed link to git repository on main page
- sf#2972232 [menu] Import menu tab not present on main page
- sf#2976790 [menu] Go to the upper level after table DROP,
thanks to Kaarel Nummert - kaarelnu
- sf#2978815 [pdf] Fix generating PDF with table dimensions, thanks to BlinK_
- sf#2977725 [export] XML wrongly encoded, thanks to Victor Volkov - hanut
- sf#2979234 [import] Create tables with current charset and collation.
- sf#2979234, sf#2960105 [import] Properly import unicode text from ODS.
- sf#2973280 [export] Proper handling of temporary directory in XLS export.
- sf#2980582 [interface] Properly format server status parameter.
- sf#2973949 [session] SQL History broken (revert sf#2899969),
thanks to Dieter Adriaenssens - ruleant
- [doc] Be more specific about problems with Suhosin.

Fri Mar 26 13:00:00 2010 chrisAATTcomputersalat.de
- update to version 3.3.1
- sf#2941037 [core] Database structure not sorted by table correctly
- sf#2948492 [interface] Slide effect masks some fields on search page
- sf#2959746 [interface] Unknown table status: TABLE_TYPE
- sf#2953050 [export] export VIEW as SQL includes INSERT statement
- sf#2942032 [core] Cannot detect PmaAbsoluteUri correctly on Windows
- sf#2961609 [auth] Potential information disclosure at login page
- sf#2961540 [export] Do not export data of MERGE table,
thanks to Dieter Adriaenssens - ruleant
- sf#2961198 [parser] Querying a table named \"data\"
- sf#2931429 [structure] Editing long triggers
- sf#2970769 [structure] Incorrect reference to mootools-more.js
- cleanup spec
- fixed HEADER
- sort TAGS
- some macros (ap_...)
- updated description
- added postun
o restart_on_update apache2
- some rpmlint stuff
- fdupes
- reworked patches
- removed blowfish_secret
- removed mysqli.patch
- added config patch
o mods to vendor_config
- replaced Source1
phpmyadmin.conf > phpMyAdmin.http
- config.inc.php to /etc/phpMyAdmin

Wed Mar 10 13:00:00 2010 javierAATTopensuse.org
- Updated to 3.3.0
+ rfe #2308632 [edit] Use hex for (var)binary fields
+ sf#2794819 [navi] Filter for displayed table names
- sf#2794840 [core] Cannot redeclare pma_tableheader()
- rfe #2726479 [core] configurable maximal length of URL
+ sf#2724755 [display] Full/partial text links (big T) are back
- bug [display] handle NavigationBarIconic as documented for navi buttons
+ rfe #2726479 [export] Export tables preselect
+ sf#2805828 [export] PHP array export plugin
+ sf#2798592 [import] Progress bar
- bug [gui] Generate Password not working for \'Change Login Information\', only for \'Change password\'
+ [lang] Arabic update
+ rfe #2822190 [structure] BOOLEAN is standard SQL
+ [lang] German update
+ rfe #2813867 [structure] Default sorting order in list of tables
+ [import] Added MySQL type-detection functionality to import library
+ [import] Added ODS, Excel XLS, Excel XLSX, and XML import modules
+ [export] Added Excel XLSX export module
+ [core] Added ability for tracking changes made through phpMyAdmin
+ rfe #2839504 [engines] Support InnoDB plugin\'s new row formats
+ [core] Added ability for synchronizing databases among servers.
+ [lang] #2843101 Dutch update
+ [lang] Galician update
+ [export] Added MediaWiki export module
+ [lang] Turkish update
+ [auth] Add custom port configuration in signon
- [core] Removed context from the error handler
- sf#2883633 [export] Export of InnoDB table is incomplete
+ rfe #2862575 [status] Order query statistics by % desc, skip rows with 0
+ rfe #2823686 [interface] Increase default height of query window
+ rfe #2129902 [structure] Don\'t hide indexes
+ sf#2812070 [interface] Allow selecting a range of rows by holding shift
+ [lang] Russian update, thanks to Victor Volkov
+ [lang] Greek update, thanks to Panagiotis Papazoglou
+ [lang] Norwegian update, thanks to Sven-Erik Andersen
- sf#2929958 [import] Cannot import (French interface)
- [security] Use X-Frame-Options header to protect against ClickJacking.
+ [lang] Finnish update, thanks to Jouni Kahkonen
+ [lang] Lithuanian update, thanks to Rytis Slatkevicius - rytis_s
- sf#2931939 [status] Seeing \"m\" as unit is confusing
- sf#2926613 [edit] Copy database shows errors when DB has foreign key
+ [lang] Catalan update, thanks to Xavier Navarro

Wed Jan 20 13:00:00 2010 javierAATTopensuse.org
- Updated to 3.2.5
- sf#2903400 [bookmarks] Status of bookmark table,
thanks to Virsacer - virsacer
- bug [history] QueryHistoryDB is not respected
- sf#2905629 [auth] Blowfish secret is not hashed
- sf#2910000 [gui] ShowServerInfo should hide all server info from main page
- sf#2910568 [structure] Table size for ARCHIVE tables is not displayed
- sf#2899969 [core] Session lock blocks working from a second window,
thanks to Greg Roach - fisharebest
- sf#2915168 [import] Incorrect parsing of DELIMITER keyword,
thanks to Greg Roach - fisharebest
- sf#2918831 [export] Missing backquotes on reserved words,
thanks to Virsacer - virsacer
- [core] Fix broken cleanup of $_GET
- sf#2924357 [operations] Cannot rename a database that has foreign key
constraints
- sf#869006 [structure] Ignore number of records for MRG_MyISAM tables
- bug [browse] \"Show BLOB contents\" should display HTML code that is present
in a BLOB, thanks to Vincent van der Tuin
- [privileges] Improve escaping of hostname

Tue Nov 10 13:00:00 2009 javierAATTopensuse.org
- sf#2856664 [export] Date, time, and datetime column types now export correctly to OpenOffice Spreadsheet
- sf#2859788 [parser] Double-character delimiters (sf#2846239)
- sf#2832600 [export] Slow export when having lots of databases
- sf#2537766 [import] Comments are stripped when editing store procedures
- sf#2852370 [operations] Renaming database deletes triggers
- sf#2872247 [interface] Failed opening required \'mysql_charsets.lib.php\'
- bug [structure] \"In use\" table incorrectly reported as \"view\"
- sf#2879909 [interface] Removed double htmlspecialchars when editing enum column
- sf#2868328 [relations] Adding foreign key when table name contains a dot
- sf#2883381 [doc] Side effects of MemoryLimit setting
- sf#2826128 [display] Inverting sort order when expression contains a function name

Fri Sep 18 14:00:00 2009 javierAATTopensuse.org
- sf#2825293 [structure] Default value for a BIT column
- bug [display] Red arrows were reversed in the list of tables
- sf#2813879 [export] Duplicate empty lines when exporting without comments
- sf#2825919 [export] Trigger export with database name
- sf#2823996 [data] Cannot edit row with no PK and a BIT field
- bug [export] Exporting results of a query which contains a LIMIT clause
inside a subquery
- sf#2837722 [export] Run complex SQL then export does not work
- sf#2839548 [export] Triggers order on export
- sf#2826986 [display] Order by BLOB and range display
- bug [display] After clicking on Show Function or Function, the UPDATE query
is not shown after execution
- bug [structure] Missing validation for BINARY and VARBINARY

Sun Aug 16 14:00:00 2009 javierAATTopensuse.org
- sf#2799009 Login with ipv6 IP address breaks redirect
- sf#2796066 [priv] Inconsistent display of databases list
- sf#2802870 [display] Incorrect overhead value for InnoDB
- bug [display] Incorrect display in replication status
- sf#1601625 [display] The Ignore checkbox is not unchecked for ENUM
- sf#2809930 [setup] Notice: Undefined variable: k in setup/index.php
- bug [features] Incorrect report of missing relational features
- [security] XSS: Insufficient output sanitizing (not exploitable without a vali
d token)
thanks to Sven Vetsch/Disenchant for informing us in a responsible manner
- sf#2634827 [import] Using DELIMITER produces infinite cycle
+ new language files: uzbek_cyrillic and urbek_latin
- sf#2814109 [search] Right frame is blank
- sf#2816840 [priv] Cannot change a user\'s details
- sf#2816165 [display] Executed query not always displayed
- sf#2819944 [setup] Incorrect mention of designer_coords
- sf#2821757 [insert] \"Insert another new row\" no longer worked
+ [lang] Norwegian update
- bug [core] PMA_pow() can support negative exponents in the pow() case
+ [lang] Brazilian Portuguese update
- sf#2822384 [docs] Missing auth_type in docs-example
- sf#2819728 [display] Slider effect jumping to top of page
- bug [display] Incorrect computation of overhead stats in server view
for tables under the InnoDB engine
+ [lang] Swedish update

Fri Jul 24 14:00:00 2009 javierAATTopensuse.org
- First security release for phpMyAdmin 3.2.0

Sun Jun 28 14:00:00 2009 javierAATTopensuse.org
- update to 3.2.0


 
ICM