SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for phpMyAdmin-4.9.7-2.2.noarch.rpm :

* Fri Oct 16 2020 Andreas Stieger - phpMyAdmin 4.9.7:
* Fix two factor authentication that was broken in 4.9.6
* Fix incompatibilities with older PHP versions
* Mon Oct 12 2020 ecsos - Update to 4.9.6 This is a security release.- Fix boo#1177561 (CVE-2020-26934, PMASA-2020-5) XSS relating to the transformation feature- Fix boo#1177562 (CVE-2020-26935, PMASA-2020-6) SQL injection vulnerability in SearchController
* Sun May 03 2020 chrisAATTcomputersalat.de- fix for boo#1170743 phpMyAdmin installation wipes it\'s sysconfig apache_server_flag entry
* Sat May 02 2020 Arjen de Korte - Don\'t expand AATTFQDNAATT from /etc/HOSTNAME (this used to set $cfg[\'PmaAbsoluteUri\'] parameter, but this variable is no longer in the config.sample.ini file)
* Thu Apr 23 2020 Dominique Leuenberger - Drop python-devel BuildRequires: python2 is EOL and this seems unused.- Drop xz BuildRequires: OBS takes care of unpacking the tarball.
* Mon Mar 23 2020 ecsosAATTopensuse.org- Update to 4.9.5 This is a security release containing several bug fixes.
* CVE-2020-10804: SQL injection vulnerability in the user accounts page, particularly when changing a password (boo#1167335, PMASA-2020-2)
* CVE-2020-10802: SQL injection vulnerability relating to the search feature (boo#1167336, PMASA-2020-3)
* CVE-2020-10803: SQL injection and XSS having to do with displaying results (boo#1167337, PMASA-2020-4)
* Removing of the \"options\" field for the external transformation.
* Tue Jan 21 2020 chrisAATTcomputersalat.de- fix for boo#1092345
* change ap_docroot from /srv/www/htdocs to /usr/share work is based on changes provided by ecsosAATTopensuse.org if phpMyAdmin.conf for apache was changed by local admin, we will create a backup and replace the original file with the new version sorry admins, but you need to apply your changes again
* needed Alias /phpMyAdmin is an enabled APACHE_SERVER_FLAGS default for more info have a look into /etc/apache2/conf.d/phpMyAdmin.conf- cleanup tmp/twig on
* uninstall
* ap_docroot change
* Wed Jan 08 2020 chrisAATTcomputersalat.de- update to 4.9.4 (2020-01-07)
* https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_4_9_4/ChangeLog- fix for boo#1160456
* PMASA-2020-1 (CVE-2020-5504, CWE-661) https://www.phpmyadmin.net/security/PMASA-2020-1/ - SQL injection in user accounts page- fix changes about corresponding PMASA
* Mon Dec 30 2019 ecsosAATTopensuse.org- phpMyAdmin 4.9.3
* Several PHP notices and warnings including \"Undefined index table_create_time,\" a notice about error_reporting() being disabled for security reasons, and several Undefined Index errors.
* Support CloudFront-Forwarded-Proto header for Amazon CloudFront proxy
* Early compatibility with development versions of PHP 8
* Fix replication actions (start, stop, etc)
* Sat Nov 23 2019 Andreas Stieger - phpMyAdmin 4.9.2:
* CVE-2019-18622: SQL injection in Designer feature (PMASA-2019-5, boo#1157614)
* Fixes for \"Failed to set session cookie\" error
* Advisor with MySQL 8.0.3 and newer
* Fix PHP deprecation errors
* Fix a situation where exporting users after a delete query could remove users
* Fix incorrect \"You do not have privileges to manipulate with the users!\" warning
* Fix copying a database\'s privileges and several other problems moving columns with MariaDB
* Fix for phpMyAdmin not selecting all the values when using shift-click to select during Export
* Sat Sep 21 2019 Andreas Stieger - phpMyAdmin 4.9.1:
* CVE-2019-12922: hardening against CSRF (no PMASA, boo#1150914)
* Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 and newer
* Compatibility issues with PHP 8
* Export of GIS visualization
* Enhanced descriptions for several collation types
* Creating a user with a single quote in the password string
* Unexpected quotes during import and export on text fields
* Improvements to adding new tables to Designer
* Fix an issue where an authenticated user could trigger heavy traffic between the database server and web server
* Fix a weakness where an attacker, under certain conditions, working at the same time as an administrator is using the setup script, could delete a server from the setup script
* Sun Jun 30 2019 chrisAATTcomputersalat.de- fix changelog
* add missing boo# with relation to CVE and PMASA- rebase phpMyAdmin-config.patch
* Wed Jun 05 2019 ecsosAATTopensuse.org- phpMyAdmin 4.9.0.1:
* Several issues with SYSTEM VERSIONING tables
* Fixed json encode error in export
* Fixed JavaScript events not activating on input (sql bookmark issue)
* Show Designer combo boxes when adding a constraint
* Fix edit view
* Fixed invalid default value for bit field
* Fix several errors relating to GIS data types
* Fixed javascript error PMA_messages is not defined
* Fixed import XML data with leading zeros
* Fixed php notice, added support for \'DELETE HISTORY\' table privilege (MariaDB >= 10.3.4)
* Fixed MySQL 8.0.0 issues with GIS display
* Fixed \"Server charset\" in \"Database server\" tab showing wrong information
* Fixed can not copy user on Percona Server 5.7
* Updated sql-parser to version 4.3.2, which fixes several parsing and linting problems- fix for boo#1137497
* PMASA-2019-4 (CVE-2019-12616, CWE-661) https://www.phpmyadmin.net/security/PMASA-2019-4/ - CSRF vulnerability in login form- fix for boo#1137496
* PMASA-2019-3 (CVE-2019-11768, CWE-661) https://www.phpmyadmin.net/security/PMASA-2019-3/ - SQL injection in Designer feature
* Fri Feb 01 2019 andreas.stiegerAATTgmx.de- phpMyAdmin 4.8.5:
* CVE-2019-6799: Arbitrary file read vulnerability (PMASA-2019-1, bsc#1123272)
* CVE-2019-6798: SQL injection in the Designer interface PMASA-2019-2, bsc#1123271)
* Fix rxport to SQL format not available
* Fix QR code not shown when adding two-factor authentication to a user account
* Fix issue with adding a new user in MySQL 8.0.11 and newer
* Fix frozen interface relating to Text_Plain_Sql plugin
* Fix missing table level operations tab
* Wed Dec 12 2018 ecsosAATTopensuse.org- update to 4.8.4 (2018-12-11) - gh#14452 Remove hash param in edit query URL - gh#14295 Issue in Changing theme - gh#13267 Ensure that database names with \'.\' are handled properly when DisableIS is true - gh#14438 Invisible Icon \"Show Full Queries\" - gh#14133 CSS issue in Designer - gh#14447 Error while copying database (pma__column_info) - gh#14571 \"No database selected\" - DROP a view - gh#14636 Move operation causes SELECT
* FROM `undefined` - gh#14630 Enum \'0\' produces incorrect search SQL - gh#14223 Fix TypeError in database designer - gh#13621 QBE selenium tests broken since merge of #13342 - gh#14672 When logging with $cfg[\'AuthLog\'] to syslog, successful login messages were not logged even if $cfg[\'AuthLogSuccess\'] was true. - gh#14339 Fix infinite loop when sorting table rows by key. - gh#14658 Regression on multi table query functionality (foreign keys) - gh#14617 Fix designer errors when database is empty - gh#13032 Fix designer errors when database contains special chars - gh#14352 Fix designer javascript errors - gh#14764 Fix left/right icons hidden- fix for boo#1119245 - PMASA-2018-6 (CVE-2018-19968, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-6/ - PMASA-2018-7 (CVE-2018-19969, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-7/ - PMASA-2018-8 (CVE-2018-19970, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-8/
* Thu Aug 23 2018 ecsosAATTopensuse.org- update to 4.8.3 (2018-08-22) - gh#14314 Error when naming a database \'0\' - gh#14333 Fix NULL as default not shown - gh#14229 Fixes issue with recent table list - gh#14045 Fix slow performance on DB structure filtering - gh#14327 Fix Editing server variable not showing save or cancel option - gh#14377 Populate options for view create and edit - gh#14171 2FA configuration fails if PHP doesn\'t have GD support - gh#14390 Can\'t unhide tables - gh#14382 \"Visualize GIS data\" icon missing - gh#14435 Event scheduler status toggle doesn\'t work - gh#14365 View not working on multiple servers - gh#14207 Partition actions in table structure do not work - gh#14375 Fixes ERR_BLOCKED_BY_XSS_AUDITOR on export table - gh#14552 Blank message shown instead of MySQL error when adding trigger and other locations - gh#14525 Fix PHP 7.3 warning: \"continue\" in \"switch\" is equal to \"break\" - gh#14554 Icon missing when creating a new trigger, routine, and event - gh#14422 Table comment not showing since 4.8.1 - gh#14426 Drop table doesn\'t work when you copy tables to another database - gh#14581 Escaped HTML in \'Add a new server\' setup - gh#14548 [security] HTML injection in import warning messages, see PMASA-2018-5- fix for boo#1105726 - PMASA-2018-5 (CVE-2018-15605, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-5/
* Tue Jul 31 2018 chrisAATTcomputersalat.de- fix for boo#1103305
* add missing dependency for php-ctype
* Fri Jun 22 2018 chrisAATTcomputersalat.de- update to 4.8.2 (2018-06-21)
* issue #14370 WHERE 0 causes Fatal error
* issue #14225 Fix missing index icon- fix for boo#1098752
* PMASA-2018-3 (CVE-2018-12581, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-3/ - XSS in Designer feature- fix for boo#1098751
* PMASA-2018-4 (CVE-2018-12613, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-4/ - File inclusion and remote code execution attack- some minor changelog fixes about security fix entries
* Sat May 26 2018 ecsosAATTopensuse.org- update to 4.8.1 (2018-05-25)
* gh#12772 Fix case where the central columns attributes don\'t get filled in
* gh#14049 Fix case where the query builder doesn\'t work when selected column is
*
* gh#14029 Revert \"Browse\" table CSS overflow
* gh#14241 Dropping indexes and foreign keys fail
* gh#14227 Relational linking broken
* gh#14246 Fixed error in configuration storage zero config
* gh#14128 Show 2FA Secret next to QR code
* gh#14212 XML Export from single table throws fatal error
* gh#14239 Line and some other charts ignore result set order of values chosen for the x-axis
* gh#14260 Fixed configuration for DefaultLang and Lang
* gh#14264 Linking for \'Distinct values\' broken
* gh#13968 Fix MariaDB 10.2 current_timestamp()
* gh#14249 Fix for missing go button in view edit
* gh#14125 Fix for issues with spatial fields
* gh#14189 Remember table\'s sorting broken
* gh#14289 Fix multi-column sorting
* gh#14278 Fix central columns in-line edit bug
* gh#14066 Fix AUTO_INCREMENT error when only exporting table structure in database-level exports
* gh#13893 Simulating queries produces unexpected results
* gh#14309 Setup script icons missing
* Fri Apr 20 2018 ecsosAATTopensuse.org- update to 4.8.0.1 (2018-04-19)- fix for boo#1090309
* PMASA-2018-2 (CVE-2018-10188, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-2/ - Multiple CSRF vulnerabilities
* Wed Apr 11 2018 ecsosAATTopensuse.org- fix wrong require /usr/bin/bash to /bin/bash so phpMyAdmin could install- insert missing templates dir in htaccess See https://docs.phpmyadmin.net/de/latest/setup.html#securing-your-phpmyadmin-installation- create tmp dir and insert this in htaccess to fix the errormessage after login
* Wed Apr 11 2018 javierAATTopensuse.org- spec clean up
* Let rpm find the library dependencies by itself. Remove unneeded explicit Requires: tags (php-zlib)
* Remove logic for obsolete openSUSE releases
* Ignore pem-certificate rpmlint warning (see libraries/certs/README.rst)
* Remove hidden .github, .php_cs.dist, .scrutinizer.yml and .editorconfig
* Remove php_twig.h and twig.c (devel)
* Set proper shebang for bash and php scripts
* Make phpmyadmin/sql-parser/bin/
*-query and paragonie/random_compat/
*.sh executable
* Wed Apr 11 2018 javierAATTopensuse.org- update to 4.8.0 (2018-04-07)
* gh#12946 Allow to export JSON with unescaped unicode chars
* gh#12983 Disable login button without solved reCaptcha
* gh#12315 Allow to remove individual segments from pie charts
* gh Change label from \"Improve table structure\" to \"Normalize\" to match standard terminology
* gh#13087 Offer login as different user on access denied from MySQL
* gh#13110 Indicate when HTTPS is not properly reported on the server
* gh#13119 No database selected error when adding foreign key
* gh#12388 Improved database search to allow search for exact phrase match
* gh#13099 Report error when trying to copy database to same name
* gh#13167 Themes now have to contain metadata in theme.json
* gh#6363 phpMyAdmin no longer requires eval() in PHP
* gh#12386 The mbstring dependency is now optional
* gh#13269 Small refactoring in preparation to CSP
* gh#13384 Database link broken in Databases Page
* gh#13391 Configurable authentication logging using $cfg[\'AuthLog\']
* gh#13086 Add support for Google Invisible Captcha
* gh#13058 Improved error reporting for reCAPTCHA
* gh#12899 Improved rendering of server variables table
* gh#12948 Fixed javascript editor for TIME values
* gh#13095 Fixed alignment of foreign keys editing
* gh#12944 Improved inline editor for JSON
* gh#13145 Improved layout of operations pages
* gh#13448 Add \"format\" query button in edit view form
* gh#6241 Implement Responsive Design/mobile interface
* gh Use a single location for classes under PhpMyAdmin namespace
* gh#12354 Indicate SSL status on main page
* gh#5666 Configuration directives for defaults of Transformation options
* gh#12261 Remove inline JavaScript
* gh#13408 Show MySQL warnings when executing SQL queries
* gh#5827 Allow Designer to show tables from other databases
* gh#13268 Replace Query-By-Example with multi-table query generator interface
* gh#13576 Add privileges export to per-database listing
* gh Consolidate functions into class files
* gh#13560 Add support for changing collation for all tables and columns in database
* gh#13303 Add support for creating fulltext index from table structure
* gh#13711 Lower default value for $cfg[\'MaxExactCount\']
* gh#13722 DisableIS is not fully honored
* gh#6197 Added support for authentication using U2F and 2FA
* gh#13480 Avoid removing cookies on upgrade
* gh#13397 Remember state of navigation panel
* gh#11688 Reduced cookie usage
* gh#13466 Better utilization of user preferences
* gh#14042 Rename PMD to Designer
* gh#13940 Honor arg_separator in AJAX requests
* gh#14060 Can\'t edit rows in Internet Explorer
* gh#14096 Internet Explorer compatibility; fixes JavaScript error Object doesn\'t support property or method \'startsWith\'
* Tue Mar 06 2018 ecsosAATTopensuse.org- update to 4.7.9 (2018-03-05)
* gh#13931 Fixed browsing tables with more results
* gh#13927 \"Not an integer\" when browsing a table
* gh#13887 \"Input variables exceeded 1000\" error relating to PHP\'s max_input_vars directive
* Thu Feb 22 2018 astiegerAATTsuse.com- phpMyAdmin 4.7.8:
* Fixed error handling with PHP 7.2
* Fixed resetting default setting values
* Fixed fallback value for collation connection- fix for boo#1082188
* PMASA-2018-1 (CVE-2018-7260, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-1/ - Fix XSS in Central Columns Feature
 
ICM