|
|
|
|
Changelog for phpMyAdmin-5.1.1-3.1.noarch.rpm :
* Sat Jun 05 2021 ecsos - Update to 5.1.1 - Fixes for several PHP errors - Fixes for \"$cfg[\'DefaultTabDatabase\']\" and other related configuration directives not working properly - Fix Yaml export to quote strings even when they are numeric - Fix TCPDF open_basedir issue due to internal guessing code from TCPDF - Fix for quick search not working when using more than one configured server Fix datetime decimals displayed (.00000) after edit - Fix new lines in text fields are doubled - Fixed URL generation by removing un-needed & escaping for & char - Improvements for working with PHP 8.1 - Improved handling of adding a new user with the Percona database server For a detail cahngelog see: https://demo.phpmyadmin.net/master-config/index.php?route=/changelog * Fri Feb 26 2021 ecsos - Update to 5.1.0 - issue #15350 Change Media (MIME) type references to Media type - issue #15377 Add a request router - issue Automatically focus input in the two-factor authentication window - issue #15509 Replace gender-specific pronouns with gender-neutral pronouns - issue #15491 Improve complexity of generated passwords - issue #14909 Add a configuration option to define the 1st day of week - issue #12726 Made user names clickable in user accounts overview - issue #15729 Improve virtuality dropdown for MariaDB > 10.1 - issue #15312 Added an option to perform ALTER ONLINE (ALGORITHM=INPLACE) when editing a table structure - issue Added missing \'IF EXISTS\' to \'DROP EVENT\' when exporting databases - issue #15232 Improve the padding in query result tool links - issue #15064 Support exporting raw SQL queries - issue #15555 Added ip2long transformation - issue #15194 Fixed horizontal scroll on structure edit page - issue #14820 Move table hide buttons in navigation to avoid hiding a table by mistake - issue #14947 Use correct MySQL version if the version is 8.0 or above for documentation links - issue #15790 Use \"MariaDB Documentation\" instead of \"MySQL Documentation\" on a MariaDB server - issue #15880 Change \"Show Query\" link to a button - issue #13371 Automatically toggle the radio button to \"Create a page and save it\" on Designer - issue #12969 Tap and hold will not dismiss the error box anymore, you can now copy the error - issue #15582 Don\'t disable \"Empty\" table button after clicking it - issue #15662 Stay on the structure page after editing/adding/dropping indexes - issue #15663 show structure after adding a column - issue #16005 Remove symfony/yaml dependency - issue #16005 Improve performance of dependency injection system by removing yaml parsing - issue #15447 Disable phpMyAdmin storage database checkbox on databases list - issue #16001 Add autocomplete attributes on login form - issue #13519 Add \"Preview SQL\" option on Index dialog box when creating a new table - issue #15954 Fixed export maximal length of created query input is too small - issue Redesign the server status advisor page - issue #13124 Use same height for SQL query textarea and Columns select in SQL page - issue #16005 Add a new vendor constant \"CACHE_DIR\" that defaults to \"libraries/cache/\" and store routing cache into this folder - issue #16005 Warm-up the routing cache before building the release - issue #16005 Use --optimize-autoloader when installing composer vendors before building the release - issue #15992 Add back the table name to the printable version on \"Structure\" page - issue #14815 Allow simplifying exported view syntax to only \"CREATE VIEW\" - issue #15496 Add $cfg[\'CaptchaSiteVerifyURL\'] for Google ReCaptcha siteVerifyUrl - issue #14772 Add the password_hash PHP function as an option when inserting data - issue #15136 Add a notice for Hex converter giving invalid results - issue #16139 Use a textarea for JSON columns - issue #16223 Make JSON input transformation editor less narrow - issue #14340 Add a button on Export Page to show the SQL Query - issue #16304 Add support for INET6 column type - issue #16337 Fix example insert/update query default values - issue #12961 Remove indexes from table relation - issue #13557 Use a full list of functions instead of a separated one on insert/edit page \"Function\" selector - issue #14795 Include routines in the export in a predictable order - issue #16227 Fixed autocomplete is not working in case the table name is quoted by \"`\" symbols - issue #15463 Force BINARY comparison when looking at privileges to avoid an SQL error on privileges tab - issue #16430 Fixed Windows error message uses trailing / instead of \\ - issue #16316 Added support for \"SameSite=Strict\" on cookies using configuration \"$cfg[\'CookieSameSite\']\" - issue #16451 Fixed AWS RDS IAM authentication doesn\'t work because pma_password is truncated - issue #16451 Show an error message when the security limit is reached instead of silently trimming the password to avoid confusion - issue #15001 Add back Login Cookie Validity setting to the features form - issue #16457 Add config parameters to support third-party ReCaptcha v2 compatible APIs like hCaptcha - issue #13077 Moved tools section to left on large devices (Bootstrap xl) - issue #15711 Moved some buttons to left on large devices (Bootstrap xl) - issue #15584 Add $cfg[\'MysqlSslWarningSafeHosts\'] to set the red text black when ssl is not used on a private network - issue #15652 Replace deprecated FOUND_ROWS() function call on \"distinct values\" feature - issue Export blobs as hex on JSON export - issue #16095 Fix leading space not shown in a CHAR column when browsing a table - issue Make procedures/functions SQL editor both side scrollable - issue #16407 Bump pragmarx/google2fa conflict to >8.0 - issue #14953 Added a rename Button to use RENAME INDEX syntax of MySQL 5.7 (and MariaDB >= 10.5.2) - issue #16477 Fixed no Option to enter TABLE specific permissions when the database name contains an \"_\" (underscore) - issue #16498 Fixed empty text not appearing after deleting all Routines - issue #16467 Fixed a PHP notice \"Trying to access array offset on value of type null\" on Designer PDF export - issue #15658 Fixed saving UI displayed columns on a non database request fails - issue #16495 Fix drop tables checkbox is above the checkbox for foreign keys - issue #16485 Fix visual query builder missing \"Build Query\" button - issue #16565 Added \'IF EXISTS\' to \'DROP EVENT\' when updating events to avoid replication issues - issue Removed metro fonts that where Apache-2.0 files that are incompatible with GPL-2.0 - issue #16464 Made the relation view default to the current database when creating relations - issue #16463 Fixed \'REFERENCES\' privilege checkbox\'s title on new MySQL versions and on MariaDB - issue #16405 Added jest as a Unit Testing tool for our javascript code - issue #16252 Fixed the too small font size when editing rows (textareas) - issue #16585 Fixed BLOB to JPG transformation PHP errors - issue Made the console setup async to avoid blocking the page render - issue #16429 Use PHP 8.0 fixed version (commit) for TCPDF - issue #16005 Major performance improvements on browsing a lot of rows - issue #16595 Fixed editing columns having a `_` in their name in specific conditions - issue #16608 Fix \"Sort by key\" restore auto saved value - issue #16611 Fixed unable to add tables to rename aliases twice on Export - issue #16621 Fixed link HTML messed up in Advisor - issue #16622 Fixed Advisor formatting incorrect for long_query_time notice - issue #15389 Fixed reset current page indicator after deleting all rows to current page and not page 1 - issue #15997 Fixed auto save query - issue #15997 Made auto saved query database or database+table independent - issue #16641 Fixed query generation that was allowing JSON to have a length - issue #15994 Fixed the selected value detection for \"on update current_timestamp\" - issue #16614 Fixed PHP 8.0 dataseek offset call to the MySQLI extension - issue #16662 Fixed Uncaught TypeError on \"delete\" button click of a database search results page - issue Fixed Undefined index: selected_usr when the user tried to delete no selected user - issue #16657 Fixed the QBE interface when the configuration storage is not enabled - issue #16479 Fix our Selenium test-suite - issue #16669 Fixed table search modal for BETWEEN - issue #16667 Fixed LIKE and TINYINT in search not working properly - issue #16424 Fixed numerical search in table and zoom - issue Improve the version handling (new Version class) and add a VERSION_SUFFIX for vendors - issue #14494 Fix uncaught TypeError when editing partitioning - issue #16525 Fix PHP 8.0 failing tests when comparing 0 to \'\' - issue #16429 Fixed PHP 8.0 errors on preg_replace and operand types - issue #16490 Fixed PHP 8.0 function libxml_disable_entity_loader() is deprecated - issue #16429 Fixed failing unit tests on PHP 8.0 - issue #16609 Fixed Sql.rearrangeStickyColumns is not a function- Rebase phpMyAdmin-config.patch. * Tue Dec 22 2020 Arjen de Korte - Use coreutils to generate blowfish secret to reduce dependencies * Tue Dec 15 2020 Arjen de Korte - Attempt to migrate modified configuration file rather than just replacing it by default configuration * Tue Dec 15 2020 Arjen de Korte - The apache subpackage must require the main package, otherwise it will not be uninstalled when the main package is uninstalled * Sun Dec 13 2020 Arjen de Korte - Generate blowfish secret and enable Apache modules/flags only on install- Only empty temporary directory on upgrade/uninstall (not remove) to prevent RPM warnings/errors- Don\'t empty directories not owned by this package (these should have been cleaned up by previous versions that owned them) * Sun Dec 13 2020 Arjen de Korte - Use %apache_request_restart/%apache_restart_if_needed macros to restart apache in order to prevent unneccessary restarts * Fri Dec 11 2020 Arjen de Korte - Package language files in separately * Fri Dec 11 2020 Arjen de Korte - Put Apache configuration files in separate subpackage- Generate blowfish secret with openssl on non-openSUSE systems as pwgen is not available * Thu Dec 10 2020 Arjen de Korte - Use system apache rpm macros * Mon Nov 09 2020 ecsos - Update to 5.0.4 - issue #16245 Fix failed Zoom search clears existing values - issue Fixed a PHP error when reporting a particular JS error - issue #16326 Fixed latitude and longitude swap for geometries in edit mode - issue #16032 Fix CREATE TABLE not being tracked when auto tracking is enabled - issue #16397 Fix compatibility problems with older PHP versions (also issue #16399) - issue #16396 Fix broken two-factor authentication- Changes from 5.0.3 - https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_5_0_3/ChangeLog- Changes from 5.0.2 - https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_5_0_2/ChangeLog- Changes from 5.0.1 - https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_5_0_1/ChangeLog- Changes from 5.0.0 - https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_5_0_0/ChangeLog- Set php >= 7.4 as recommends because: Due to changes in the MySQL authentication method, PHP versions prior to 7.4 are unable to authenticate to a MySQL 8.0 or newer server (our tests show the problem actually began with MySQL 8.0.11). This relates to a PHP bug https://bugs.php.net/bug.php?id=76243.- Remove Suggests: php-mcrypt as described in boo#1050980- Change tmpdir from ap_docroot/tmp to localstatedir/cache/phpMyAdmin. * Fri Oct 16 2020 Andreas Stieger - phpMyAdmin 4.9.7: * Fix two factor authentication that was broken in 4.9.6 * Fix incompatibilities with older PHP versions * Mon Oct 12 2020 ecsos - Update to 4.9.6 This is a security release.- Fix boo#1177561 (CVE-2020-26934, PMASA-2020-5) XSS relating to the transformation feature- Fix boo#1177562 (CVE-2020-26935, PMASA-2020-6) SQL injection vulnerability in SearchController * Sun May 03 2020 chrisAATTcomputersalat.de- fix for boo#1170743 phpMyAdmin installation wipes it\'s sysconfig apache_server_flag entry * Sat May 02 2020 Arjen de Korte - Don\'t expand AATTFQDNAATT from /etc/HOSTNAME (this used to set $cfg[\'PmaAbsoluteUri\'] parameter, but this variable is no longer in the config.sample.ini file) * Thu Apr 23 2020 Dominique Leuenberger - Drop python-devel BuildRequires: python2 is EOL and this seems unused.- Drop xz BuildRequires: OBS takes care of unpacking the tarball. * Mon Mar 23 2020 ecsosAATTopensuse.org- Update to 4.9.5 This is a security release containing several bug fixes. * CVE-2020-10804: SQL injection vulnerability in the user accounts page, particularly when changing a password (boo#1167335, PMASA-2020-2) * CVE-2020-10802: SQL injection vulnerability relating to the search feature (boo#1167336, PMASA-2020-3) * CVE-2020-10803: SQL injection and XSS having to do with displaying results (boo#1167337, PMASA-2020-4) * Removing of the \"options\" field for the external transformation. * Tue Jan 21 2020 chrisAATTcomputersalat.de- fix for boo#1092345 * change ap_docroot from /srv/www/htdocs to /usr/share work is based on changes provided by ecsosAATTopensuse.org if phpMyAdmin.conf for apache was changed by local admin, we will create a backup and replace the original file with the new version sorry admins, but you need to apply your changes again * needed Alias /phpMyAdmin is an enabled APACHE_SERVER_FLAGS default for more info have a look into /etc/apache2/conf.d/phpMyAdmin.conf- cleanup tmp/twig on * uninstall * ap_docroot change * Wed Jan 08 2020 chrisAATTcomputersalat.de- update to 4.9.4 (2020-01-07) * https://github.com/phpmyadmin/phpmyadmin/blob/RELEASE_4_9_4/ChangeLog- fix for boo#1160456 * PMASA-2020-1 (CVE-2020-5504, CWE-661) https://www.phpmyadmin.net/security/PMASA-2020-1/ - SQL injection in user accounts page- fix changes about corresponding PMASA * Mon Dec 30 2019 ecsosAATTopensuse.org- phpMyAdmin 4.9.3 * Several PHP notices and warnings including \"Undefined index table_create_time,\" a notice about error_reporting() being disabled for security reasons, and several Undefined Index errors. * Support CloudFront-Forwarded-Proto header for Amazon CloudFront proxy * Early compatibility with development versions of PHP 8 * Fix replication actions (start, stop, etc) * Sat Nov 23 2019 Andreas Stieger - phpMyAdmin 4.9.2: * CVE-2019-18622: SQL injection in Designer feature (PMASA-2019-5, boo#1157614) * Fixes for \"Failed to set session cookie\" error * Advisor with MySQL 8.0.3 and newer * Fix PHP deprecation errors * Fix a situation where exporting users after a delete query could remove users * Fix incorrect \"You do not have privileges to manipulate with the users!\" warning * Fix copying a database\'s privileges and several other problems moving columns with MariaDB * Fix for phpMyAdmin not selecting all the values when using shift-click to select during Export * Sat Sep 21 2019 Andreas Stieger - phpMyAdmin 4.9.1: * CVE-2019-12922: hardening against CSRF (no PMASA, boo#1150914) * Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 and newer * Compatibility issues with PHP 8 * Export of GIS visualization * Enhanced descriptions for several collation types * Creating a user with a single quote in the password string * Unexpected quotes during import and export on text fields * Improvements to adding new tables to Designer * Fix an issue where an authenticated user could trigger heavy traffic between the database server and web server * Fix a weakness where an attacker, under certain conditions, working at the same time as an administrator is using the setup script, could delete a server from the setup script * Sun Jun 30 2019 chrisAATTcomputersalat.de- fix changelog * add missing boo# with relation to CVE and PMASA- rebase phpMyAdmin-config.patch * Wed Jun 05 2019 ecsosAATTopensuse.org- phpMyAdmin 4.9.0.1: * Several issues with SYSTEM VERSIONING tables * Fixed json encode error in export * Fixed JavaScript events not activating on input (sql bookmark issue) * Show Designer combo boxes when adding a constraint * Fix edit view * Fixed invalid default value for bit field * Fix several errors relating to GIS data types * Fixed javascript error PMA_messages is not defined * Fixed import XML data with leading zeros * Fixed php notice, added support for \'DELETE HISTORY\' table privilege (MariaDB >= 10.3.4) * Fixed MySQL 8.0.0 issues with GIS display * Fixed \"Server charset\" in \"Database server\" tab showing wrong information * Fixed can not copy user on Percona Server 5.7 * Updated sql-parser to version 4.3.2, which fixes several parsing and linting problems- fix for boo#1137497 * PMASA-2019-4 (CVE-2019-12616, CWE-661) https://www.phpmyadmin.net/security/PMASA-2019-4/ - CSRF vulnerability in login form- fix for boo#1137496 * PMASA-2019-3 (CVE-2019-11768, CWE-661) https://www.phpmyadmin.net/security/PMASA-2019-3/ - SQL injection in Designer feature * Fri Feb 01 2019 andreas.stiegerAATTgmx.de- phpMyAdmin 4.8.5: * CVE-2019-6799: Arbitrary file read vulnerability (PMASA-2019-1, bsc#1123272) * CVE-2019-6798: SQL injection in the Designer interface PMASA-2019-2, bsc#1123271) * Fix rxport to SQL format not available * Fix QR code not shown when adding two-factor authentication to a user account * Fix issue with adding a new user in MySQL 8.0.11 and newer * Fix frozen interface relating to Text_Plain_Sql plugin * Fix missing table level operations tab * Wed Dec 12 2018 ecsosAATTopensuse.org- update to 4.8.4 (2018-12-11) - gh#14452 Remove hash param in edit query URL - gh#14295 Issue in Changing theme - gh#13267 Ensure that database names with \'.\' are handled properly when DisableIS is true - gh#14438 Invisible Icon \"Show Full Queries\" - gh#14133 CSS issue in Designer - gh#14447 Error while copying database (pma__column_info) - gh#14571 \"No database selected\" - DROP a view - gh#14636 Move operation causes SELECT * FROM `undefined` - gh#14630 Enum \'0\' produces incorrect search SQL - gh#14223 Fix TypeError in database designer - gh#13621 QBE selenium tests broken since merge of #13342 - gh#14672 When logging with $cfg[\'AuthLog\'] to syslog, successful login messages were not logged even if $cfg[\'AuthLogSuccess\'] was true. - gh#14339 Fix infinite loop when sorting table rows by key. - gh#14658 Regression on multi table query functionality (foreign keys) - gh#14617 Fix designer errors when database is empty - gh#13032 Fix designer errors when database contains special chars - gh#14352 Fix designer javascript errors - gh#14764 Fix left/right icons hidden- fix for boo#1119245 - PMASA-2018-6 (CVE-2018-19968, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-6/ - PMASA-2018-7 (CVE-2018-19969, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-7/ - PMASA-2018-8 (CVE-2018-19970, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-8/ * Thu Aug 23 2018 ecsosAATTopensuse.org- update to 4.8.3 (2018-08-22) - gh#14314 Error when naming a database \'0\' - gh#14333 Fix NULL as default not shown - gh#14229 Fixes issue with recent table list - gh#14045 Fix slow performance on DB structure filtering - gh#14327 Fix Editing server variable not showing save or cancel option - gh#14377 Populate options for view create and edit - gh#14171 2FA configuration fails if PHP doesn\'t have GD support - gh#14390 Can\'t unhide tables - gh#14382 \"Visualize GIS data\" icon missing - gh#14435 Event scheduler status toggle doesn\'t work - gh#14365 View not working on multiple servers - gh#14207 Partition actions in table structure do not work - gh#14375 Fixes ERR_BLOCKED_BY_XSS_AUDITOR on export table - gh#14552 Blank message shown instead of MySQL error when adding trigger and other locations - gh#14525 Fix PHP 7.3 warning: \"continue\" in \"switch\" is equal to \"break\" - gh#14554 Icon missing when creating a new trigger, routine, and event - gh#14422 Table comment not showing since 4.8.1 - gh#14426 Drop table doesn\'t work when you copy tables to another database - gh#14581 Escaped HTML in \'Add a new server\' setup - gh#14548 [security] HTML injection in import warning messages, see PMASA-2018-5- fix for boo#1105726 - PMASA-2018-5 (CVE-2018-15605, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-5/ * Tue Jul 31 2018 chrisAATTcomputersalat.de- fix for boo#1103305 * add missing dependency for php-ctype * Fri Jun 22 2018 chrisAATTcomputersalat.de- update to 4.8.2 (2018-06-21) * issue #14370 WHERE 0 causes Fatal error * issue #14225 Fix missing index icon- fix for boo#1098752 * PMASA-2018-3 (CVE-2018-12581, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-3/ - XSS in Designer feature- fix for boo#1098751 * PMASA-2018-4 (CVE-2018-12613, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-4/ - File inclusion and remote code execution attack- some minor changelog fixes about security fix entries * Sat May 26 2018 ecsosAATTopensuse.org- update to 4.8.1 (2018-05-25) * gh#12772 Fix case where the central columns attributes don\'t get filled in * gh#14049 Fix case where the query builder doesn\'t work when selected column is * * gh#14029 Revert \"Browse\" table CSS overflow * gh#14241 Dropping indexes and foreign keys fail * gh#14227 Relational linking broken * gh#14246 Fixed error in configuration storage zero config * gh#14128 Show 2FA Secret next to QR code * gh#14212 XML Export from single table throws fatal error * gh#14239 Line and some other charts ignore result set order of values chosen for the x-axis * gh#14260 Fixed configuration for DefaultLang and Lang * gh#14264 Linking for \'Distinct values\' broken * gh#13968 Fix MariaDB 10.2 current_timestamp() * gh#14249 Fix for missing go button in view edit * gh#14125 Fix for issues with spatial fields * gh#14189 Remember table\'s sorting broken * gh#14289 Fix multi-column sorting * gh#14278 Fix central columns in-line edit bug * gh#14066 Fix AUTO_INCREMENT error when only exporting table structure in database-level exports * gh#13893 Simulating queries produces unexpected results * gh#14309 Setup script icons missing * Fri Apr 20 2018 ecsosAATTopensuse.org- update to 4.8.0.1 (2018-04-19)- fix for boo#1090309 * PMASA-2018-2 (CVE-2018-10188, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-2/ - Multiple CSRF vulnerabilities * Wed Apr 11 2018 ecsosAATTopensuse.org- fix wrong require /usr/bin/bash to /bin/bash so phpMyAdmin could install- insert missing templates dir in htaccess See https://docs.phpmyadmin.net/de/latest/setup.html#securing-your-phpmyadmin-installation- create tmp dir and insert this in htaccess to fix the errormessage after login * Wed Apr 11 2018 javierAATTopensuse.org- spec clean up * Let rpm find the library dependencies by itself. Remove unneeded explicit Requires: tags (php-zlib) * Remove logic for obsolete openSUSE releases * Ignore pem-certificate rpmlint warning (see libraries/certs/README.rst) * Remove hidden .github, .php_cs.dist, .scrutinizer.yml and .editorconfig * Remove php_twig.h and twig.c (devel) * Set proper shebang for bash and php scripts * Make phpmyadmin/sql-parser/bin/ *-query and paragonie/random_compat/ *.sh executable * Wed Apr 11 2018 javierAATTopensuse.org- update to 4.8.0 (2018-04-07) * gh#12946 Allow to export JSON with unescaped unicode chars * gh#12983 Disable login button without solved reCaptcha * gh#12315 Allow to remove individual segments from pie charts * gh Change label from \"Improve table structure\" to \"Normalize\" to match standard terminology * gh#13087 Offer login as different user on access denied from MySQL * gh#13110 Indicate when HTTPS is not properly reported on the server * gh#13119 No database selected error when adding foreign key * gh#12388 Improved database search to allow search for exact phrase match * gh#13099 Report error when trying to copy database to same name * gh#13167 Themes now have to contain metadata in theme.json * gh#6363 phpMyAdmin no longer requires eval() in PHP * gh#12386 The mbstring dependency is now optional * gh#13269 Small refactoring in preparation to CSP * gh#13384 Database link broken in Databases Page * gh#13391 Configurable authentication logging using $cfg[\'AuthLog\'] * gh#13086 Add support for Google Invisible Captcha * gh#13058 Improved error reporting for reCAPTCHA * gh#12899 Improved rendering of server variables table * gh#12948 Fixed javascript editor for TIME values * gh#13095 Fixed alignment of foreign keys editing * gh#12944 Improved inline editor for JSON * gh#13145 Improved layout of operations pages * gh#13448 Add \"format\" query button in edit view form * gh#6241 Implement Responsive Design/mobile interface * gh Use a single location for classes under PhpMyAdmin namespace * gh#12354 Indicate SSL status on main page * gh#5666 Configuration directives for defaults of Transformation options * gh#12261 Remove inline JavaScript * gh#13408 Show MySQL warnings when executing SQL queries * gh#5827 Allow Designer to show tables from other databases * gh#13268 Replace Query-By-Example with multi-table query generator interface * gh#13576 Add privileges export to per-database listing * gh Consolidate functions into class files * gh#13560 Add support for changing collation for all tables and columns in database * gh#13303 Add support for creating fulltext index from table structure * gh#13711 Lower default value for $cfg[\'MaxExactCount\'] * gh#13722 DisableIS is not fully honored * gh#6197 Added support for authentication using U2F and 2FA * gh#13480 Avoid removing cookies on upgrade * gh#13397 Remember state of navigation panel * gh#11688 Reduced cookie usage * gh#13466 Better utilization of user preferences * gh#14042 Rename PMD to Designer * gh#13940 Honor arg_separator in AJAX requests * gh#14060 Can\'t edit rows in Internet Explorer * gh#14096 Internet Explorer compatibility; fixes JavaScript error Object doesn\'t support property or method \'startsWith\' * Tue Mar 06 2018 ecsosAATTopensuse.org- update to 4.7.9 (2018-03-05) * gh#13931 Fixed browsing tables with more results * gh#13927 \"Not an integer\" when browsing a table * gh#13887 \"Input variables exceeded 1000\" error relating to PHP\'s max_input_vars directive * Thu Feb 22 2018 astiegerAATTsuse.com- phpMyAdmin 4.7.8: * Fixed error handling with PHP 7.2 * Fixed resetting default setting values * Fixed fallback value for collation connection- fix for boo#1082188 * PMASA-2018-1 (CVE-2018-7260, CWE-661) https://www.phpmyadmin.net/security/PMASA-2018-1/ - Fix XSS in Central Columns Feature * Mon Dec 25 2017 astiegerAATTsuse.com- phpMyAdmin 4.7.7: * Fixed displaying of formatted numeric values for some locales * Ensure datetimepicker is always loaded for datetime fields * Fixed PHP error when browsing certain results * Fix XSRF/CSRF vulnerability (bsc#1074066, PMASA-2017-09) CVE-2017-1000499 * Sat Dec 02 2017 ecsosAATTopensuse.org- update to 4.7.6 (2017-11-29) * gh#13517 Fixed check all interaction with filtering * gh#13803 Add SJIS-win to default list of allowed charsets * gh#13436 Improve detection that MySQL server needs SSL connection * gh#13038 Support JSON datatype on MariaDB 10.2.7 and newer * gh#13824 Fixed constructing ALTER query with AFTER * gh#13821 Lock page when changes are done in the SQL editor * gh#13842 Prefer iconv for encoding conversions * gh#13737 Fixed changing password on MariaDB cluster * Sun Nov 26 2017 suse+buildAATTde-korte.org- fix for boo#1057661 * no longer require php_mod_any (recommend it instead) * only enable php5 / php7 if running Apache prefork MPM- fix %post * use sed instead of grep/awk to determine PHP version * Tue Oct 24 2017 ecsosAATTopensuse.org- update to 4.7.5 (2017-10-23) * gh#13615 Avoid problems with browsing unknown query types * gh#13612 Integrate tooltip into datetime pickers * gh#13628 Fixed javascript error in server monitor * gh#13444 Fixed server monitor on non Linux and Windows systems * gh#13633 Reload javscript messages when changing language * gh#13604 Fixed crash on invalid ordering data * gh#13639 Fixed error when browsing non SELECT results * gh#13533 Fixed saving column to display * gh#13647 Fixed export of tables with VIRTUAL columns * gh#13669 Fixed selecting multiple rows accidentally selects the next row too * gh#13513 Fixed edit index Column alignment issue * gh#13515 Fixed rendering of add index dialog * gh#13710 Fixed possible error in server advisor * gh#13477 Fixed setting input transformations * gh#13552 Fixed IPv4/IPv6 To Binary input transformation * gh#13686 Clicking on column name to trigger sort with an active search leads to logout * gh#13725 Fixed copying tables with specific PARTITION definition * gh#13761 Fixed listing of bookmarks for a database * Fri Sep 08 2017 chrisAATTcomputersalat.de- fix recommends * php5-curl -> php-curl * php5-zip -> php-zip- fix post step * enable correct phpX module * Fri Aug 25 2017 ecsosAATTopensuse.org- update to 4.7.4 * gh#13415 Remove shadow from the logo * gh#13507 Fixed per server theme feature * gh#13523 Missing newline in ALTER exports * gh#13414 Fixed several compatibility issues with PHP 7.2 * gh#13550 Fixed copy results to clipboard * gh#13562 Add limitation for user group length * gh#13561 Fixed edit variable link in advisor * gh#13579 Optimize table link should not be visible in print page * gh#13553 Improved error handling on corrupted tables * gh#13512 Fixed rendering of add index dialog * gh#13606 Fixed refreshing server variables * Fri Jul 28 2017 chrisAATTcomputersalat.de- fix for boo#1050980 * replace mcrypt with openssl, see https://github.com/phpseclib/phpseclib/issues/1028- update changes (update to 4.6.6 (2017-01-23)) * add missing (CVE-Not yet available) CVE\'s * Sat Jul 22 2017 ecsosAATTopensuse.org- update to 4.7.3 * gh#13447 Large multi-line query removes Export operation and blanks query box options * gh#13445 Fixed rendering of query results * gh#13437 Fixed version check when not connected to a database * gh#13465 Fixed creating relation * gh#13475 Fixed export without backquotes * gh#13482 Improved handling of uploaded files with open_basedir * gh#13387 Fixed inline editing of hex values * gh#13382 Fixed size of index edit dialog * gh#13489 Fixed rendering SQL lint errors * gh#13468 Avoid breakage if set_time_limit is disabled * gh#13471 Fail if ini_set/ini_get are disabled * gh#13436 Automatically connect using SSL when server is configured so * gh#13478 Fixed usage of some browser transformations * Sun Jul 02 2017 ecsosAATTopensuse.org- update to 4.7.2 (2017-06-29) * gh#13314 Make theme selection keep current server * gh#13311 Fixed direct login for accounts without password * gh#13316 Fixed check for mbstring.func_overload * gh#13323 Fixed wrong encoding of table at triggers * gh#12976 Fixed natural sorting in several places * gh#12718 Show warning for users removed from mysql.user table * gh#13362 Fixed loading additional javascripts * gh#13343 Fixed editing QBE * gh#13193 Improved documentation on user settings * gh#13092 Gracefully handle early fatal errors in AJAX requests * gh#13327 Fixed Incorrect NavigationTreeEnableExpansion default value in the documentation * gh#13008 Fixed export of database with a lot of tables * gh#13318 Improved performance when importing with enabled tracking * gh#13386 Avoid PHP errors with non existing configuration on OS X * gh#13388 Show only supported charsets for conversion * gh#13392 Fixed operation with session.auto_start enabled * gh#13383 \"Create PHP code\" is broken * gh#13189 Fixed links to resume timeouted import * Fri Jun 02 2017 ecsosAATTopensuse.org- update to 4.7.1 (2017-05-25) * gh#13132 Always execute tracking queries as controluser * gh#13125 Focus on SQL editor after inserting field name * gh#13133 Fixed broken links in setup * gh#13135 Database list Tooltips: Show wrong value * gh#13150 Fixed pagination while browsing resuls * gh#13149 Fixed outbound links in changelog.php * gh#13146 Do not include devel dependencies in the release * gh#13144 Do not show New as a database in database dropdown * gh#13130 Fixed handling of errors in AJAX requests * gh#13152 Fixed PHP error in case of invalid table preferences * gh#13154 Fixed PHP error on password change * gh#13219 Fix Refresh of Process List * gh#13182 Fix refresh of long queries * gh#12301 Improved handling of logout with disabled LoginCookieDeleteAll * gh#13216 Add support for MySQL 8.0 collations * gh#13218 Fixed rendering of phpMyAdmin logos * gh#13234 Properly report not working sessions * gh#13256 Fixed password check on server replication * gh#13252 Fixed grid editing time column * gh#13258 Fixed detection of Amazon RDS * gh#13241 Redirect user to last page that has any tables to display * gh#13266 Fix link to User accounts overview page * gh#13274 Fix error in query builder * gh#13177 Grid editing repeats action after error * Sat Apr 22 2017 chrisAATTcomputersalat.de- restore phpMyAdmin-pma.patch * because it is NOT upstream and needed for configuration storage- restore previous phpMyAdmin-config.patch * merge with upstream config VAR changes - removed $cfg[\'Servers\'][$i][\'designer_coords\'] * Sat Apr 01 2017 ecsosAATTopensuse.org- update to 4.7.0 (2017-03-28) * gh#12233 [Display] Improve message when renaming database to same name * gh#6146 Log authentication attempts to syslog * gh#11981 Remove support for Swekey authentication * gh#11987 Remove code for no longer supported MSIE versions * gh#11962 Remove embedded PHP libraries, use composer to install them * gh#12017 Cannot easily select multiple tables when exporting * gh#12047 Add javascript filtering for databases * gh#12166 More compact rendering of navigation tree * gh#12129 Improve performance with SkipLockedTables * gh#12173 Do not hide indexes under a slider * Improve performance of zip file import * gh#12196 Removed $cfg[\'ThemePath\'] * gh#6274 Add support for export user settings as config.inc.php snippet * gh#5555 Better report query errors while generating SQL exports * gh#12307 Produce valid JSON on export * gh#12325 Setup script icons broken * gh#12378 Support IPv6 proxies * Removed MySQL connection retry without password * gh#12218 Allow to specify further parameters for control connection * gh#12162 Show charset for each table on Database structure page * gh#12463 Incorrect link in the href of icon at Hide/Show unhide links * gh#12330 Shortcut for closing console * gh#12465 Improved handling of http requests * gh#12474 Broken links in Setup forms Navigation * gh#12494 Can\'t add a new User * gh#12523 Add \'token\' Parameter in all POST requests (Fix \'Token mismatch\' errors) * gh#12302 Improved usage of number_format * gh#12656 Server selection not working * gh#12543 NULL results in dataset are colored grey * gh#12664 Create Bookmark broken * gh#12688 Use unsigned int for storing bookmark ID * gh#12352 Added password strength indicator * gh#12713 Correctly handle HTTP status when doing requests * gh#12247 Add option to delete settings from browser storage * gh#12783 Remove unused PMA_addJSCode function * gh#12069 Add table filtering to database structure * gh#12799 Allow to configure signon session parameters * gh#12854 Drop database is broken * gh#12863 Can\'t toggle Event Scheduler on * gh#12742 Finish removing dead code references to xls/xlsx import and export, which was removed some time ago. * gh#12536 Rename \"Relations\" to \"Relationships\" in many places as it\'s the more proper term * gh#12834 Fixed margins in central columns feature * gh#12903 Document more export configuration options * gh#12897 Use consistent numeric format for table overhead * gh#12901 Use server returned table name on renaming table * gh#12918 Always use \\r\ as newline when editing fields * gh#12923 Fixed server side search in navigation panel * gh#12929 Undefined index warning with ssl_ca_paths * gh#12924 Do not show errors from OpenSSL cookie encryption/decryption * gh#12945 Fixed hint rendering on adding new user * gh#12941 Fixed sorting of tables in relation view * gh#12936 Fixed tables pagination in navigation panel * gh#12904 Do not collapse add form for central columns if there are none * gh#12955 Fixed database renaming * gh#12954 Fixed export of tracking data * gh#12960 Enclose exports in transaction by default * gh#12966 After adding a column ADD INDEX option won\'t be displayed when enabling AI * gh#12972 Better error message when Composer has not been run * gh#12988 Do not show language selector without choices * gh#12993 Fixed external links to php documentation * gh#12990 Fixed error when loading favorite tables to console * gh#12981 Improved rendering of new version information * gh#12922 Fixed bookmarks ordering * gh#12964 Fixed table search in navigation * gh#12985 Fixed rendering of foreign key browsing * gh#12957 Fixed manipulation with GIS data having zero coordinates * gh#12804 Fixed various designer javascript errors * gh#12934 Fixed possible javascript error on server status page * gh#12927 Fixed javascript error on 3NF normalization * gh#12996 List all databses in navigation panel database dropdown * gh#12980 Better defaults when creating multi field foreign key * gh#12976 Improved foreign key editor behavior * gh#12958 Always show error reporting dialog on top * gh#12693 Improved support for TokuDB * gh#11231 Try harder to honor LoginCookieValidity setting * gh#13016 and #13017 Slight improvements to the table layout of Relation view * gh#12345 Correctly show affected rows for LOAD DATA queries * gh#13010 Copy database: SQL error for copying PMADB metadata * gh#13002 Fixed OpenDocument exports * gh#13000 Align NULL values according to the column alignment * gh#13021 Show phpMyAdmin errors even with error_reporting set to 0 * gh#13020 Removed warning about client and server versions mismatch * Hide comments on table Structure tab when no comment is set * Fixed submission of error reports * gh#13033 Use Referrer-Policy header to specify referrer policy * Fixed javascript confirmation of dangerous queries * gh#13040 Compatibility with hhvm 3.18 * gh#13031 Fixed displaying of all rows * gh#12967 Fixed related field selection for native relations * gh#13045 Properly escape MIME transformatoin names * gh#13028 Always show 100% in font selector * gh#13047 Fix query simulating for more servers * gh#12846 Fix new version check for sites with wrongly configured curl * gh#12951 When exporting to Excel, the default is now to include column names in the first row * gh#13059 Removed debugging code * gh#13029 Fixed table tracking for nested table groups * gh#13053 Fixed broken links in setup * gh#12708 Removed phpMyAdmin version from User-Agent header * gh#13084 Do not point users to setup when it is disabled * gh#12660 Delete only phpMyAdmin cookies on upgrade * gh#13088 Fixed editing of rows with text primary key * gh#13092 Do not try to sync favorite tables if configuration storage is not enabled * gh#13105 Fixed changing attribute for virtual field * gh#12757 Fixed setting password on recent MariaDB with non working plugins * gh#12349 Fixed undefined variable on import from some formats * gh#13103 Do not offer default names for copying/renaming databases * [security] Possible to bypass $cfg[\'Servers\'][$i][\'AllowNoPassword\'], see PMASA-2017-08- Drop patch phpMyAdmin-pma.patch because now in upstream * Mon Mar 20 2017 chrisAATTcomputersalat.de- add http.inc file * include one file for php5/php7 admin flags/values * Wed Jan 25 2017 chrisAATTcomputersalat.de- 4.6.6 (2017-01-23) * gh#12759 Fix Notice regarding \'Undefined index: old_usergroup\' * gh#12760 Fix Notice regarding \'Undefined index: users\' * gh#12762 Fixed parsing of SQL with BINARY function * gh#12588 ReCaptcha now works without allow_url_fopen * gh#12699 Show no local storage warning only on settings tab * gh#12778 Syntax Error in Adding/Changing TIMESTAMP columns with default value as NULL * gh#12769 Edit/Export links are not clickable under Routines tab * gh#12757 Fixed creating new user with older MariaDB * gh#12784 Remove ctype installation suggestion * gh#12780 Format button replaces all text with blank spaces * gh#12786 Fixed database searching * gh#12792 Fixed javascript error on new version link * gh#12785 Add information about required and suggested extensions to composer.json * gh#12801 Custom header shown twice with cookie login form * gh#12802 Custom footer not shown with auth_type http login failure * gh#12434 Improve documentation for servers running with Suhosin * gh#12800 Updated embedded phpSecLib to 2.0.4 * gh#12800 Fixed various issues with PHP 7.1 * gh#11816 Fixed operation with lower_case_table_names=2 * gh#12813 Fixed stored procedure execution * gh#12826 Honor user configured connection collation * gh#12293 Correctly report OpenSSL errors from cookie encryption * gh#12814 DateTime won\'t allow to input length in Routine editor * gh#12840 Fix Notice regarding \'Undefined index: row_format\' when altering table options * gh#12841 Fixed moving of columns with whitespace in name * gh#12847 Fixed editing of virtual columns * gh#12859 Changed WHERE condition to 0 instead of 1 for SQL query window to avoid accidents * gh#12872 Use same query for display and execution when dropping index * gh#12868 Fix check for user groups freatures being enabled * gh#12876 Fix notices and warning related to dbs_to_test global * gh#12831 Fix table formatting on Insert tab, which mostly affected row highlighting * gh#12495 Reintroduced phpinfo page with limited capabilities * gh#12861 Fix renaming tables with lower_case_table_names=2 * gh#12876 Fix possible PHP error in navigation * gh#12881 Fix database search with newer php-gettext * gh#12894 Fix linter error on unterminated variable name * gh#12732 Fixed filtering for active processes- fix for boo#1021597 * PMASA-2016-44 (CVE-2016-6621, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-44/ - Multiple vulnerabilities in setup script * PMASA-2017-1 (CVE-2017-1000013, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-1/ - Open redirect * PMASA-2017-2 (CVE-2015-8980, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-2/ - php-gettext code execution * PMASA-2017-3 (CVE-2017-1000014, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-3/ - DOS vulnerabiltiy in table editing * PMASA-2017-4 (CVE-2017-1000015, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-4/ - CSS injection in themes * PMASA-2017-5 (CVE-2017-1000016, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-5/ - Cookie attribute injection attack * PMASA-2017-6 (CVE-2017-1000017, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-6/ - SSRF in replication * PMASA-2017-7 (CVE-2017-1000018, CWE-661) https://www.phpmyadmin.net/security/PMASA-2017-7/ - DOS in replication status- remove obsolete phpMyAdmin-12757_sql_syntax_errror.patch- rework phpMyAdmin-config.patch * Thu Jan 19 2017 ecsosAATTopensuse.org- Add Patch phpMyAdmin-12757_sql_syntax_errror.patch to fix gh#12757 SQL syntax errror on MariaDB < 10.0.2 in check for mysql password check plugin. Will be fixed in 4.6.6 * Tue Dec 06 2016 chrisAATTcomputersalat.de- update to 4.6.5.2 (2016-12-05) * gh#12765 Fixed SQL export with newlines- update changes (update to 4.6.5 (2016-11-25)) * add missing (Not yet available) CVE\'s- fix phpMyAdmin.http * Sat Nov 26 2016 ecsosAATTopensuse.org- update to 4.6.5.1 (2016-11-26) - quick fix for 4.6.5 * an issue affecting a small number of users using $cfg[\'Servers\'][$i][\'hide_db\'] or $cfg[\'Servers\'][$i][\'only_db\']. * an issue affecting the create table dialog where the partition selection tool was overzealous and made it difficult to create a new table.- update to 4.6.5 (2016-11-25) - security fixes * Fix for expanding in navigation pane * Reintroduced a simplified version of PmaAbsoluteUri directive (needed with reverse proxies) * Fix editing of ENUM/SET/DECIMAL field structures * Improvements to the parser - other fixes * Remove potentionally license problematic sRGB profile * gh#12459 Display read only fields as read only when editing * gh#12384 Fix expanding of navigation pane when clicking on database * gh#12430 Impove partitioning support * gh#12374 Reintroduced simplified PmaAbsoluteUri configuration directive * Always use UTC time in HTTP headers * gh#12479 Simplified validation of external links * gh#12483 Fix browsing tables with built in transformations * gh#12485 Do not show warning about short blowfish_secret if none is set * gh#12251 Fixed random logouts due to wrong cookie path * gh#12480 Fixed editing of ENUM/SET/DECIMAL fields structure * gh#12497 Missing escaping of configuration used in SQL (hide_db and only_db) * gh#12476 Add error checking in reading advisory rules file * gh#12477 Add checking missing elements and confirming element types from json_decode * gh#12251 Automatically save SQL query in browser local storage rather than in cookie * gh#12292 Unable to edit transformations * gh#12502 Remove unused paramenter when connecting to MySQLi * gh#12303 Fix number formatting with different settings of precision in PHP * gh#12405 Use single quotes in PHP code * gh#12534 Option for the dropped column is not removed from \'after_field\' select, after the column is dropped * gh#12531 Properly detect DROP DATABASE queries * gh#12470 Fix possible race condition in setting URL hash * gh#11924 Remove caching of server information * gh#11628 Proper parsing of INSERT ... ON DUPLICATE KEY queries * gh#12545 Proper parsing of CREATE TABLE ... PARTITION queries * gh#12473 Code can throw unhandled exception * gh#12550 Do not try to keep alive session even after expiry * gh#12512 Fixed rendering BBCode links in setup * gh#12518 Fixed copy of table with generated columns * gh#12221 Fixed export of table with generated columns * gh#12320 Copying a user does not copy usergroup * gh#12272 Adding a new row with default enum goes to no selection when you want to add more then 2 rows * gh#12487 Drag and drop import prevents file dropping to blob column file selector on the insert tab * gh#12554 Absence of scrolling makes it impossible to read longer text values in grid editing * gh#12530 \"Edit routine\" crashes when the current user is not the definer, even if privileges are adequate * gh#12300 Export selective tables by-default dumps Events also * gh#12298 Fixed export of view definitions * gh#12242 Edit routine detail dialog does not fill \"Return length\" field in mysql functions * gh#12575 New index Confirm adds whitespace around the field name * gh#12382 Bug in zoom search * gh#12321 Assign LIMIT clause only to syntactically correct queries * gh#12461 Can\'t Execute SQL With Sub-Query Due To \"LIMIT 0,25\" Inserted At Wrong Place * gh#12511 Clarify documentation on ArbitraryServerRegexp * gh#12508 Remove duplicate code in SQL escaping * gh#12475 Cleanup code for getting table information * gh#12579 phpMyAdmin\'s export of a Select statment without a FROM clause generates Wrong SQL * gh#12316 Correct export of complex SELECT statements * gh#12080 Fixed parsing of subselect queries * gh#11740 Fixed handling DELETE ... USING queries * gh#12100 Fixed handling of CASE operator * gh#12455 Query history stores separate entry for every letter typed * gh#12327 Create PHP code no longer works * gh#12179 Fixed bookmarking of query with multiple statements * gh#12419 Wrong description on GRANT OPTION * gh#12615 Fixed regexp for matching browser versions * gh#12569 Avoid showing import errors twice * gh#12362 prefs_manage.php can leave an orphaned temporary file * gh#12619 Unable to export csv when using union select * gh#12625 Broken Edit links in query results of JOIN query * gh#12634 Drop DB error in import if DB doesn\'t exist * gh#12338 Designer reverts to first saved ER after EACH relation create or delete * gh#12639 \'Show trace\' in Console generates JS error for functions in query\'s trace called without any arguments * gh#12366 Fix user creation with certain MariaDB setups * gh#12616 Refuse to work with mbstring.func_overload enabled * gh#12472 Properly report connection without password in setup * gh#12365 Fix records count for large tables * gh#12533 Fix records count for complex queries * gh#12454 Query history not updated in console until page refresh * gh#12344 Fixed parsing of labels in loop * gh#12228 Fixed parsing of BEGIN labels * gh#12637 Fixed editing some timestamp values * gh#12622 Fixed javascript error in designer * gh#12334 Missing page indicator or VIEWs * gh#12610 Export of tables with Timestamp/Datetime/Time columns defined with ON UPDATE clause with precision fails * gh#12661 Error inserting into pma__history after timeout * gh#12195 Row_format = fixed not visible * gh#12665 Cannot add a foreign key - non-indexed fields not listed in InnoDB tables * gh#12674 Allow for proper MySQL-allowed strings as identifiers * gh#12651 Allow for partial dates on table insert page * gh#12681 Fixed designer with tables using special chars * gh#12652 Fixed visual query builder for foreign keys with more fields * gh#12257 Improved search page performance * gh#12322 Avoid selecting default function for foreign keys * gh#12453 Fixed escaping of SQL parts in some corner cases * gh#12542 Missing table name in account privileges editor * gh#12691 Remove ksort call on empty array in PMA_getPlugins function * gh#12443 Check parameter type before processing * gh#12299 Avoid generating too long URLs in search * gh#12361 Fix self SQL injection in table-specific privileges * gh#12698 Add link to release notes and download on new version notification * gh#12712 Error when trying to setup replication (fatal error in call to an old PMA_DBI_connect function)- fix for boo#1012271 https://www.phpmyadmin.net/security/ * Unsafe generation of $cfg[\'blowfish_secret\'] see PMASA-2016-58 (CVE ids: CVE-2016-9847, CWE-661) * phpMyAdmin\'s phpinfo functionality is removed see PMASA-2016-59 (CVE ids: CVE-2016-9848, CWE-661) * AllowRoot and allow/deny rule bypass with specially-crafted username see PMASA-2016-60 (CVE ids: CVE-2016-9849, CWE-661) * Username matching weaknesses with allow/deny rules see PMASA-2016-61 (CVE ids: CVE-2016-9850, CWE-661) * Possible to bypass logout timeout see PMASA-2016-62 (CVE ids: CVE-2016-9851, CWE-661) * Full path disclosure (FPD) weaknesses see PMASA-2016-63 (CVE ids: CVE-2016-9852, CVE-2016-9853, CVE-2016-9854, CVE-2016-9855, CWE-661) * Multiple XSS weaknesses see PMASA-2016-64 (CVE ids: CVE-2016-9856, CVE-2016-9857, CWE-661, CWE-352) * Multiple denial-of-service (DOS) vulnerabilities see PMASA-2016-65 (CVE ids: CVE-2016-9858, CVE-2016-9859, CVE-2016-9860, CWE-661, CW-400) * Possible to bypass white-list protection for URL redirection see PMASA-2016-66 (CVE ids: CVE-2016-9861, CWE-661, CWE-20, CWE-601) * BBCode injection to login page see PMASA-2016-67 (CVE ids: CVE-2016-9862, CWE-661) * Denial-of-service (DOS) vulnerability in table partitioning see PMASA-2016-68 (CVE ids: CVE-2016-9863, CWE-661, CWE-400) * Multiple SQL injection vulnerabilities see PMASA-2016-69 (CVE ids: CVE-2016-9864, CWE-661, CWE-89) * Incorrect serialized string parsing see PMASA-2016-70 (CVE ids: CVE-2016-9865, CWE-661) * CSRF token not stripped from the URL see PMASA-2016-71 (CVE ids: CVE-2016-9866, CWE-661) * Sun Nov 06 2016 chrisAATTcomputersalat.de- fix deps * add missing Recommends php5-curl- fix phpMyAdmin.http * add * Sat Nov 05 2016 chrisAATTcomputersalat.de- fix phpMyAdmin.http * Thu Aug 18 2016 chrisAATTcomputersalat.de- 4.6.4 (2016-08-16) - securitiy fixes * Improve session cookie code for openid.php and signon.php example files * Full path disclosure in openid.php and signon.php example files * Unsafe generation of BlowfishSecret (when not supplied by the user) * Referrer leak when phpinfo is enabled * Use HTTPS for wiki links * Improve SSL certificate handling * Fix full path disclosure in debugging code * Administrators could trigger SQL injection attack against users - other fixes * Remove Swekey support * Include X-Robots-Tag header in responses * Enforce numeric field length when creating table * Fixed invalid Content-Length in some HTTP responses * gh#12394 Create view should require a view name * gh#12391 Message with \'Change password successfully\' displayed, but does not take effect * Tighten control on PHP sessions and session cookies * gh#12409 Re-enable overhead on server databases view * gh#12414 Fixed rendering of Original theme * gh#12413 Fixed deleting users in non English locales * gh#12416 Fixed replication status output in Databases listing * gh#12303 Avoid typecasting to float when not needed * gh#12425 Duplicate message variable names in messages.inc.php * gh#12399 Adding index to table shows wrong top navigation * gh#12424 Fixed password change on MariaDB without auth plugin * gh#12339 Do not error on unset server port * gh#12422 Improvements to the original theme * gh#12395 Do not try to load old transformation plugins * gh#12423 Fixed replication status in database listing * gh#12433 Copy table with prefix does not copy the indexes * gh#12375 Search in database: Window content is not scrolling down when clicking first time on Browse link * gh#12346 SQL Editor textareas can have their size increased from the top, distorting the page view- fix for boo#994313 https://www.phpmyadmin.net/security/ * Weaknesses with cookie encryption see PMASA-2016-29 (CVE-2016-6606, CWE-661) * Multiple XSS vulnerabilities see PMASA-2016-30 (CVE-2016-6607, CWE-661) * Multiple XSS vulnerabilities see PMASA-2016-31 (CVE-2016-6608, CWE-661) * PHP code injection see PMASA-2016-32 (CVE-2016-6609, CWE-661) * Full path disclosure see PMASA-2016-33 (CVE-2016-6610, CWE-661) * SQL injection attack see PMASA-2016-34 (CVE-2016-6611, CWE-661) * Local file exposure through LOAD DATA LOCAL INFILE see PMASA-2016-35 (CVE-2016-6612, CWE-661) * Local file exposure through symlinks with UploadDir see PMASA-2016-36 (CVE-2016-6613, CWE-661) * Path traversal with SaveDir and UploadDir see PMASA-2016-37 (CVE-2016-6614, CWE-661) * Multiple XSS vulnerabilities see PMASA-2016-38 (CVE-2016-6615, CWE-661) * SQL injection vulnerability as control user see PMASA-2016-39 (CVE-2016-6616, CWE-661) * SQL injection vulnerability see PMASA-2016-40 (CVE-2016-6617, CWE-661) * Denial-of-service attack through transformation feature see PMASA-2016-41 (CVE-2016-6618, CWE-661) * SQL injection vulnerability as control user see PMASA-2016-42 (CVE-2016-6619, CWE-661) * Verify data before unserializing see PMASA-2016-43 (CVE-2016-6620, CWE-661) * SSRF in setup script see PMASA-2016-44 (CVE-2016-6621, CWE-661) * Denial-of-service attack with $cfg[\'AllowArbitraryServer\'] = true and persistent connections see PMASA-2016-45 (CVE-2016-6622, CWE-661) * Denial-of-service attack by using for loops see PMASA-2016-46 (CVE-2016-6623, CWE-661) * Possible circumvention of IP-based allow/deny rules with IPv6 and proxy server see PMASA-2016-47 (CVE-2016-6624, CWE-661) * Detect if user is logged in see PMASA-2016-48 (CVE-2016-6625, CWE-661) * Bypass URL redirection protection see PMASA-2016-49 (CVE-2016-6626, CWE-661) * Referrer leak see PMASA-2016-50 (CVE-2016-6627, CWE-661) * Reflected File Download see PMASA-2016-51 (CVE-2016-6628, CWE-661) * ArbitraryServerRegexp bypass see PMASA-2016-52 (CVE-2016-6629, CWE-661) * Denial-of-service attack by entering long password see PMASA-2016-53 (CVE-2016-6630, CWE-661) * Remote code execution vulnerability when running as CGI see PMASA-2016-54 (CVE-2016-6631, CWE-661) * Denial-of-service attack when PHP uses dbase extension see PMASA-2016-55 (CVE-2016-6632, CWE-661) * Remove tode execution vulnerability when PHP uses dbase extension see PMASA-2016-56 (CVE-2016-6633, CWE-661)- fix deps * add missing php-gettext- rebase phpMyAdmin-config.patch * Thu Jun 23 2016 chrisAATTcomputersalat.de- update to 4.6.3 (2016-06-23) * gh#12249 Fixed cookie path on Windows * gh#12279 Fixed error reporting on connect problems * gh#12290 Fixed export of tables without explicitly set engine * gh#12285 Designer JavaScript error: Show/Hide tables list * gh#12293 Fix MySQL SSL connection with some PHP versions * gh#12279 Fix MySQL connection error on version mismatch * gh#12281 Keep user attributes (privileges, authentication mode, etc) when copying a user * gh#12308 Fix division by zero in case of misconfigured MySQL server * gh#12317 Fix editing server variables * gh#12303 Fix table size calculation in some circumstances * gh#12310 Fix listing routines for non privileged user * issue Escape generated query in exporting a database * issue Setup script did not properly use input type password for some input types- fix for boo#986154 * PMASA-2016-17 (CVE-2016-5701, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-17/ - BBCode injection vulnerability * PMASA-2016-18 (CVE-2016-5702, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-18/ - Cookie attribute injection attack * PMASA-2016-19 (CVE-2016-5703, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-19/ - SQL injection attack * PMASA-2016-20 (CVE-2016-5704, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-20/ - XSS on table structure page * PMASA-2016-21 (CVE-2016-5705, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-21/ - Multiple XSS vulnerabilities * PMASA-2016-22 (CVE-2016-5706, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-22/ - DOS attack * PMASA-2016-23 (CVE-2016-5730, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-23/ - Multiple full path disclosure vulnerabilities * PMASA-2016-24 (CVE-2016-5731, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-24/ - XSS through FPD * PMASA-2016-25 (CVE-2016-5732, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-25/ - XSS in partition range functionality * PMASA-2016-26 (CVE-2016-5733, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-26/ - Multiple XSS vulnerabilities * PMASA-2016-27 (CVE-2016-5734, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-27/ - Unsafe handling of preg_replace parameters * PMASA-2016-28 (CVE-2016-5739, CWE-661) https://www.phpmyadmin.net/security/PMASA-2016-28/ - Referrer leak in transformations * Sun May 29 2016 chrisAATTcomputersalat.de- rebase phpMyAdmin-config.patch * Sat May 28 2016 ecsosAATTopensuse.org- update to 4.6.2 (2016-05-25) - gh#12225 Use https for documentation links - gh#12234 Fix schema export with too many tables - gh#12240 Avoid parsing non JSON responses as JSON - gh#12244 Avoid using too log URLs when getting javascripts - gh#12118 Fixed setting mixed case languages - gh#12229 Avoid storing objects in session when debugging SQL - gh#12249 Fix cookie path on IIS - gh#11705 Fix occassional 200 errors on Windows - gh#12219 Fix locking issues when importing SQL - gh#12231 Avoid confusing warning when mysql extension is missing - fix issue Improve handling of logout - fix issue Safer handling of sessions during authentication - gh#12209 Fix server selection on main page - gh#12192 Avoid storing full error data in session - gh#12082 Fixed export of ARCHIVE tables with keys - gh#11565 Add session reload for config authentication - gh#12229 Do not fail on errors stored in session - gh#12248 Fix loading of APC based upload progress bar- remove PmaAbsoluteUri from phpMyAdmin-config.patch because since version 4.6.0 it is remove- Security fixes: * PMASA-2016-14 (CVE-2016-5097, CWE-661, boo#982126) https://www.phpmyadmin.net/security/PMASA-2016-14/ - User SQL queries can be revealed through URL GET parameters, see PMASA-2016-14 * PMASA-2016-16 (CVE-2016-5099, CWE-661, boo#982128) https://www.phpmyadmin.net/security/PMASA-2016-16/ - Self XSS vulneratbility, see PMASA-2016-16 * Mon May 09 2016 chrisAATTcomputersalat.de- phpMyAdmin 4.6.1: * Problems with SQL syntax warnings from the linter/parser * Fixing an error about \"PMA_Util\" not found * Better handling of JSON columns * Fixed quoting with the SQL parser, which in particular adversely affected SQL imports and exports * Thu Mar 24 2016 astiegerAATTsuse.com- phpMyAdmin 4.6.0: * Allow setting routine-wise privileges * UI for defining partitioning in create table window * Support JSON data type * Editing partitions in table Structure * Copy results to clipboard * Reactivate cut&paste possibility in print view * Display binary strings as text if they are valid UTF-8 * Copy multiple tables to database * Show MySQL error messages in user language * Add new configuration directive \'ssl_verify\' for self-signed certificates with mysqlnd and PHP >= 5.6 * Remove ForceSSL and PmaAbsoluteUri configuration directives (these are better handled by proper webserver configuration) * Fixed several bugs relating to exporting, particularly with DEFAULT and COMMENT fields * Tue Mar 01 2016 astiegerAATTsuse.com- phpMyAdmin 4.5.5.1: The following vulnerabilities were fixed: * CVE-2016-2559: XSS vulnerability in SQL parser (PMASA-2016-10 boo#968940) * CVE-2016-2560: Multiple XSS vulnerabilities (PMASA-2016-11 boo#968938) * CVE-2016-2561: Multiple XSS vulnerabilities (PMASA-2016-12 boo#968941) * CVE-2016-2562: Vulnerability allowing man-in-the-middle attack on API call to GitHub (PMASA-2016-13 boo#968928) The following upstream bugs were fixed: * CREATE UNIQUE INDEX index type is not recognized by parser. * Row count wrong when grouping joined tables. * Column definition with default value and comment in CREATE TABLE expoerted faulty. * New statement but no delimiter and unexpected token with REPLACE. * Fixed incorrect usage of SQL parser context in SQL export * Fixed inclusion of gettext library from SQL parser * Wed Feb 24 2016 astiegerAATTsuse.com- phpMyAdmin 4.5.5 * improvements to changing passwords on newer MariaDB servers * several fixes to the SQL parser * Sat Jan 30 2016 ecsosAATTopensuse.org- update to 4.5.4.1 (2016-01-28) - gh#11892 Error with PMA 4.4.15.3 - gh#11896 Remove hard dependency on phpseclib * Thu Jan 28 2016 astiegerAATTsuse.com- phpMyAdmin 4.5.4 The followinng vulnerabilities were fixed: (boo#964024) * CVE-2016-2038: Multiple full path disclosure vulnerabilities * CVE-2016-2039: Unsafe generation of XSRF/CSRF token * CVE-2016-2040: Multiple XSS vulnerabilities * CVE-2016-1927: Insecure password generation in JavaScript * CVE-2016-2041: Unsafe comparison of XSRF/CSRF token * CVE-2016-2042: Multiple full path disclosure vulnerabilities * CVE-2016-2043: XSS vulnerability in normalization page * CVE-2016-2044: Full path disclosure vulnerability in SQL parser * CVE-2016-2045: XSS vulnerability in SQL editor- update upstream singing keyring * Sun Jan 10 2016 astiegerAATTsuse.com- 4.5.x package was missing template - fix boo#961285 * Wed Jan 06 2016 chrisAATTcomputersalat.de- fix for boo#960854 * add missing dependency of php-json * Mon Jan 04 2016 astiegerAATTsuse.com- phpMyAdmin 4.5.3.1: * Minimum requirement is PHP 5.5- Highlights of the 4.5.x.x series: * Improvements to the Console feature * Include structure in PDF export * Validate data before import * Support CHECKSUM TABLE operation * Improved operations regarding partitions * Alter privileges when renaming or copying a database or table * Several improvements related to speed and responsiveness * Improved print view * Use CTRL or ALT plus arrow keys to navigate in grid editor * Use plain-English destinations for $cfg[\'NavigationTreeDefaultTabTable\'], $cfg[\'DefaultTabServer\'], $cfg[\'DefaultTabDatabase\'], and $cfg[\'DefaultTabTable\']. The old style values will still work, but this makes it easier for new users to easily understand the destination links. * Integrate SQL debugging into Console * Restore row editing when no unique/primary key exists * Allow exporting one file per table and one file per database * Improvements to using multiple servers with the auth_type cookie * Support virtual columns (MySQL 5.7.5+) * Add or improve support for several MariaDB features including process list and virtual/persistent columns * Improved handling of cached data when upgrading phpMyAdmin * Add SHA256 security password support * Tue Dec 29 2015 ecsosAATTopensuse.org- update to 4.4.15.2 (2015-12-25)- Security fixes: * PMASA-2015-5 (CVE-2015-8669, CWE-661 CWE-200) boo#960282 https://www.phpmyadmin.net/security/PMASA-2015-6/ - [Security] Path disclosure, see PMASA-2015-6 * Mon Oct 26 2015 ecsosAATTopensuse.org- update to 4.4.15.1 (2015-10-23) - gh#11464 phpMyAdmin suggests upgrading to newer version not usable on that system- Security fixes: [boo#951960] * PMASA-2015-5 (CVE-2015-7873, CWE-661 CWE-20) https://www.phpmyadmin.net/security/PMASA-2015-5/ - fix issue [security] Content spoofing on url.php * Sun Sep 20 2015 ecsosAATTopensuse.org- update to 4.4.15 (2015-09-20) - gh#11411 Undefined \"replace\" function on numeric scalar - gh#11421 Stored-proc / routine - broken parameter parsing - fix issue Missing name for configuration read_as_multibytes - gh#11431 Incorrect \"No row selected\" message - gh#11447 MySQL 5.5 and the language system variable - gh#11452 Semantics of export and import icons are mixed up - gh#11451 Designer-Bug in move.js on multiple server configuration - gh#11458 Invalid UTF-8 sequence in argument - gh#11457 Request URI too large - fix issue Invalid argument supplied for foreach() - gh#11461 Foreign key constraints for InnoDB tables with upper-case letters disabled - gh#11487 Warning when entering Query page- change entrys in changelog from sf to gh from 4.13.0 to now * Thu Sep 17 2015 ecsosAATTopensuse.org- boo#945999 enable required apache modules in spec at install * Fri Sep 11 2015 ecsosAATTopensuse.org- update 4.4.14.1 (2015-09-08)- Security fixes: [boo#945420] * PMASA-2015-4 (CVE-2015-6830, CWE-661 CWE-307) https://www.phpmyadmin.net/security/PMASA-2015-4/ - fix issue [security] reCaptcha bypass * Tue Aug 25 2015 ecsosAATTopensuse.org- update to 4.4.14 (2015-08-20) - gh#11367 Export after search, missing WHERE clause - gh#11380 Incomplete message after import - fix issue Incorrect scalar type declaration (reported under PHP 7) - gh#11389 ReCaptcha produces deprecated messages under PHP 7 - gh#11387 phpseclib < 2.0 produces deprecated messages on PHP 7 - gh#11404 \"Switch to copied table\" doesn\'t work - gh#11406 Missing quotes after calling \"distinct values\" - gh#11386 Cannot import database with long data in one column - gh#11410 SPATIAL index option is not clickable * Sun Aug 09 2015 ecsosAATTopensuse.org- update to 4.4.13.1 (2015-08-08) - gh#11368 SQL error when importing phpMyAdmin dump file * Sat Aug 08 2015 ecsosAATTopensuse.org- update to 4.4.13 (2015-08-07) - gh#1808 \"Improve table structure\" generates invalid SQL - fix issue Once checked \"Show only active\" checkbox is always checked - gh#1813 Delete rows using \"Check All\" is broken - fix issue Fix PHP 7 possible binding ambiguity - gh#11326 Exported schema includes all the tables of the database - gh#11339 Results not displayed if query ends in delimiter and comment - gh#11320 Live edit of data fields is not working always - fix issue Table list in navigation collapses when entering into a table in another page - gh#11364 JS error while trying to auto navigate to db structure page when db creation has failed * Tue Jul 21 2015 mciharAATTsuse.cz- Apache configuration compatible with both 2.2 and 2.4 * Mon Jul 20 2015 mciharAATTsuse.cz- update to 4.4.12 (2015-07-20) - Saved chart image does not have a proper name or an extension - sf#4976 Timepicker CSS issues in Original theme - sf#4975 Move/Copy/Rename operations on Table/Db fail on Drizzle server - sf#4826 Two inline edit windows - sf#4979 Problem when import *.ods file - Add missing head tag - sf#4985 Column headers move when scrolling- use smaller xz compressed archive- update Apache configuration to be compatible with 2.4 * Wed Jul 08 2015 ecsosAATTopensuse.org- update to 4.4.11 (2015-07-06) - fix bug Missing selected/entered values when editing active options in visual query builder - sf#4969 Autoload from prefs_storage not behaving properly - sf#4972 Incorrect length computed for binary data - fix bug Remove character set from create_tables_drizzle.sql - sf#4973 Users overview needs clarification - sf#4974 Creating a database from console doesn\'t update navigation panel - sf#4844 FAQ 1.17 needs an update- change sourcepath in spec * Thu Jul 02 2015 mciharAATTsuse.cz- switch upstream url to https- include signed release together with keyring to verify signatures * Wed Jun 17 2015 ecsosAATTopensuse.org- add missing sql-scripts to doc * Wed Jun 17 2015 ecsosAATTopensuse.org- update to 4.4.10 (2015-06-17) - sf#4950 Issues in database selection for replication - sf#4951 Trying to save chart as image crashes the browser - sf#4953 cant drag sql.gz file onto import input - sf#4960 Table creation results in GET request with missing server parameter that invalidates the session - sf#4961 Javascript error when Designer is opened - sf#4962 Insert by foreign key scrolls page to top - sf#4955 Clicking on the navi logo does not always work - fix bug External URL for $cfg[\'NavigationLogoLink\'] causes JavaScript error when clicked * Fri Jun 05 2015 ecsosAATTopensuse.org- update to 4.4.9 (2015-06-04) - sf#4920 relation view doesn\'t list fields of table in other database - sf#4905 Sorting by an alias - sf#4931 False error before entering reCAPTCHA - sf#4909 central column with multiple server - sf#4937 Custom export with backquotes off is not working - sf#4908 Reverse proxy: infinite internal redirect (added warning in doc) - sf#4942 Export to gzip saves plain text under Chrome * Thu May 28 2015 ecsosAATTopensuse.org- update to 4.4.8 (2015-05-28) - fix bug Allow accessing visual query builder when pmadb is not configured - sf#4893 Nav tree line alignment issue - sf#4911 Lock page icon is not shown after fresh reload - sf#4912 \"Highlight pointer\" and \"Row marker\" doesn\'t work properly - fix bug Browse foreigners window goes out of the window - sf#4918 Date field popup dialog position bug - fix bug In /setup, PMA_messages is not defined - sf#4924 Recaptcha failure - sf#4930 Database copy doesn\'t work for tables with more than one FULLTEXT index - sf#4929 Edit view structure doesn\'t load the algorithm - sf#4923 Do not limit table comments to 60 characters * Sat May 16 2015 ecsosAATTopensuse.org- update to 4.4.7 (2015-05-16) - sf#4876 Settings issues (Favorite tables shown twice in Settings) - sf#4896 Non-styled error page when following results link - sf#4894 Deleting without confirmation - sf#4858 Issues with SQL autocomplete - sf#4897 Column hint in SQL autocomplete is sometimes not shown - sf#4898 JS error after selecting a field and press Enter - fix bug Honor proxy settings when getting Git commit information - fix bug Missing title on link - sf#4512 ForceSSL Redirect Check - fix bug Undefined index collation_connection - fix bug Error when the reporting server is down - fix bug Escape database and table names for partition maintenance - fix bug Invalid value for CURLOPT_SSL_VERIFYPEER - sf#4367 Import status infinite loop - sf#4902 Designer: Loading does not work - sf#4904 Setup: Overview > Display does not work - sf#4906 Designer: pages from all databases * Wed May 13 2015 ecsosAATTopensuse.org- update 4.4.6.1 (2015-05-13) This update fixes several vulnerabilities- Security fixes: * PMASA-2015-2 (CVE-2015-3902, CWE-661 CWE-352) http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php - sf#4899 [security] CSRF vulnerability in setup * PMASA-2015-3 ( CVE-2015-3903, CWE-661 CWE-295) http://www.phpmyadmin.net/home_page/security/PMASA-2015-3.php - sf#4900 [security] Vulnerability allowing man-in-the-middle attack * Thu May 07 2015 ecsosAATTopensuse.org- update to 4.4.6 (2015-05-07) - sf#4890 webkitStorageInfo and webkitIndexedDB is deprecated - sf#4892 Undefined variable: unique_conditions - sf#4891 CSV Import ignores \"Replace table data with file\" checkbox * Tue May 05 2015 ecsosAATTopensuse.org- update to 4.4.5 (2015-05-05) - fix bug Table overhead stats: missing space before the unit - fix bug Fix resize icon in Designer - sf#4879 Exit fullscreen in Designer does not change the button text - sf#4880 Designer icons missing when using original theme - sf#4878 Column list of central columns is not cleared - sf#4881 jQuery dialogs of the Designer are not displayed in fullscreen - sf#4883 Search function breaks when searching for certain combinations of backslashes and slashes - sf#4830 Maximum execution time exceeded in Util.class.php (better fix) - sf#4885 Some icons are above the overlay of jQuery dialogs - sf#4886 Clicking on external links in advisor rules give JS error - sf#4888 Filter in central columns does not work in other languages * Sun Apr 26 2015 ecsosAATTopensuse.org- update to 4.4.4 (2015-04-26) - sf#4863 Edit vs Change - sf#4859 Don\'t scroll (to bottom) when editing multiple rows - sf#4862 Misaligned Inline edit field - sf#4861 Use of undefined constant PMA_DRIZZLE - sf#4865 sprintf(): Too few arguments - sf#4866 Limit column ordering in index edit dialog - sf#4867 Incorrect ALTER TABLE statement generated - sf#4870 Inconsistency in \'Ignore\' checkbox in insert page - sf#4869 Drop column action not asking to confirm - sf#4871 Error on creating table - fix bug Undefined index: Rows * Mon Apr 20 2015 ecsosAATTopensuse.org- update to 4.4.3 (2015-04-20) - sf#4851 PHP errors in login dialogue - sf#4845 White screen (Cloudflare) - sf#4207 json_encode error due to strftime returning non utf8 chars in Windows 8.1 Chinese version - sf#4794 Server error viewing table content - fix bug Fix issues related to number of decimal places in time - sf#4853 Relation view between 1600 and 1780 px - fix bug PHP 7 compatibility in php-gettext - fix bug PHP 7 compatibility in bfShapeFiles - fix bug PHP 7 session_regenerate_id() warning - sf#4857 Alter table after changing column name error - sf#4830 Maximum execution time exceeded in Util.class.php * Mon Apr 13 2015 ecsosAATTopensuse.org- update to 4.4.2 (2015-04-13) - sf#4835 PMA_hideShowConnection not called after submit_num_fields - sf#4836 Server warning after moving from console to direct clicks - sf#4837 Duplicate new version notification when using the \"Back\" button - sf#4839 DOC link in setting is broken - sf#4841 Status page: Mislukte pogingen per uur value is incorrect - fix bug MIME Transformation link fixed - sf#4838 Prevents console window from moving out of the screen height - sf#4829 Create procedure via SQL Editor not more possible - sf#4833 CSS and Javascript are not compressed - sf#4849 Functions accessed from navigation do not load on ajax dialog - sf#4850 Relation view on 1920 * Sat Apr 11 2015 ecsosAATTopensuse.org- update 4.4.1.1 (2015-04-08) - sf#4846 Web server\'s error log is flooded- changes from 4.4.1 (2015-04-07) - sf#4813 MySQL 5.7.6 and the Users menu tab - sf#4818 MySQL 5.7.6 and changing the password for another user - sf#4819 Request URI too large - sf#4814 MySQL 5.7.6 and Databases - fix bug Use \'server\' parameter in console to work in multi server environments - fix bug Missing tooltip in monitor - fix bug Missing sort icons in monitor - sf#4805 Inline edit broken when using functions in query - sf#4821 Timed-out import fails to restart when file represented - sf#4754 pMA DB not detected properly - sf#4825 Datepicker missing when changing number of rows on Insert page - sf#4824 INNODB STATUS page is empty - sf#4828 JavaScript is loaded in wrong order - sf#4827 TEXT formatting doesn\'t work after inline editing - sf#4822 Compress when php.ini output_buffering is active - sf#4832 Sorting distinct values result loses links - sf#4834 Do not attach token to css requests to improve caching * Fri Apr 03 2015 ecsosAATTopensuse.org- update to 4.4.0 (2015-04-01) + rfe #1553 InnoDB presently supports one FULLTEXT index creation at a time + rfe #1562 Allow tracking multiple table at once from database level tracking page + rfe #1564 Improve action message on Tracking page + rfe #1566 Change value of \"Number of rows:\" when \"Show all\" is checked + rfe Focus console by clicking on white space + rfe #1507 Part 1: Cycle through console history with keyboard up/down arrows + rfe #1579 Default to primary key when adding relation + rfe #1572 User prefs: Diff-friendly JSON for config + rfe #1567 Sever Variables Table UI Improvements - sf#4675 phpMyAdmin should be able to work without \'examples\' DIR - move SQL scripts to sql directory + rfe #1578 Warn about reserved word only when a column is created + rfe #1590 Recaptcha API v2 + rfe #1580 Individual Zeroconf PMA tables support + rfe #1525 Generate keys one per line + rfe #347 allow table with transformed column anywhere in FROM clause + rfe #1591 Shortcut link to search page + rfe #1568 Fold Add Column After / Before into dropdown - sf#4705 Table structure: adding primary key doesn\'t refresh page + rfe #1582 SQL formatter + rfe #1597 Fast filter improvement: remove \"x other results found\" - sf#4720 No error message on Missing extension mbstring + rfe #801 Builtin transformations and relations + rfe #767 USING BTREE support for HEAP/MEMORY tables + rfe #1596 Make \"Options > Relational\" configurable + rfe #719 More details in PDF relation view + rfe #1096 Cannot enter connection for federated engine table + rfe #954 Allow SALT in ENCRYPT function + rfe #1260 Setting LoginCookieValidity > session.gc_maxlifetime + rfe Transformation for JSON - bug Fix isCanvasSupported for new window + rfe #1600 Clarify the \"Inline\" link + rfe #1179 Speed up slow triggers by using EVENT_OBJECT_SCHEMA + rfe #1192 ON DUPLICATE KEY UPDATE for loading CSV - bug fix Cannot execute command from console (multi-server installation) + rfe #1208 linking from information_schema + rfe #1235 Relation view: move to main \"Structure\" page + rfe #1558 Designer menu with explicit text + rfe #937 Relations with views like with tables + rfe #1241 Browse Field -> Search + rfe #723 Provide sanity check for table/column names (table names) + rfe #1312 SessionTimeZone configuration directive - bug fix Add missing confirmation when deleting tracking report entries + rfe Ability to disable foreign key check when emptying tables + rfe #1549 Reset auto-increment when exporting structure + rfe #1602 Recover query in redaction after session end + rfe #1605 After database creation, go to database structure page + rfe #1604 Show PHP version - sf#4770 Multiple delete on table browse ignoring foreign key checkbox + rfe CodeMirror based SQL editor as an input transformation + rfe #1275 CodeMirror based JSON editor as an input transformation + rfe #685 Editor for HTML content + rfe #1595 make professional code editor suggestion + rfe #1606 processlist filter + rfe Change tracking activation status from db level tracking page + rfe #1207 Export users associated with a specific schema/database + rfe #1575 \"Disable database expansion\" : unclear directive name and explanation + rfe #1607 Tool tip for lock icon when making changes to a page + rfe #1327 Hide \'Add user\' link if user does not have privileges + rfe #501 Support for SSL GRANT option + rfe #1608 Central columns allowing setting SIGNED / UNSIGNED attribute for integer + rfe #1441 Add regexp match when using AllowArbitraryServer - sf#4806 Unable to work with two different servers in two tabs- fix incorrect fsf-address- change pma.patch * Sun Mar 29 2015 ecsosAATTopensuse.org- update to 4.3.13 (2015-03-29) - sf#4803 \"Show hidden items\" is sometimes hidden - sf#4807 Breaks when sorting by multiple columns while using UNION - sf#4798 Missing column when exporting in sql - sf#4810 Broken find and replace - sf#4804 Undefined Index after export schema - sf#4802 Changelog page is not working - sf#4815 Infinite calls to index.php - sf#4820 Invalid links to dev.mysql.com - sf#4718 simulate query fails, but actual query does not * Sat Mar 14 2015 ecsosAATTopensuse.org- update to 4.3.12 (2015-03-14) - sf#4746 Right-aligned columns have left-aligned header - sf#4779 PMA_Util::parseEnumSetValues fails on enums with UTF-8 values - fix bug Undefined index savedsearcheswork - sf#4788 Inline edit of DATE fields with NULL, NULL checkbox is under datepicker - sf#4790 DROP TABLE/VIEW IF EXISTS are not tracked - fix bug Compatibility with central columns of version 4.4 - sf#4758 Firefox with auth_type to http with multiple server doesn\'t work anymore - sf#4789 Views aren\'t dropped when copying a database - sf#4784 Incomplete bookmark saving - sf#4786 SELECT width on relations page * Wed Mar 04 2015 ecsosAATTopensuse.org- update to 4.3.11.1 (2015-03-04) This update fixes several vulnerabilities- Security fixes: * PMASA-2015-1 (CVE-2015-2206, CWE-661 CWE-352) [boo#920773] http://www.phpmyadmin.net/home_page/security/PMASA-2015-1.php - fix bug [security] Risk of BREACH attack * Wed Mar 04 2015 ecsosAATTopensuse.org- fix error displayed in Status/Advisor and not functional display of cpu and memory under Status/Monitor/ * Tue Mar 03 2015 ecsosAATTopensuse.org- update to 4.3.11 (2015-03-02) - sf#4774 SQL links are completely wrong - sf#4768 MariaDB: version mismatch - sf#4777 Some images are missing in Designer for original theme - sf#4767 Drizzle: undefined index in mysql_charsets.inc.php - sf#4753 Normal field and multi-line field have different margins - sf#4760 Cannot re-import settings from local storage - sf#4778 SQL error when database list is sorted by additional columns - sf#4780 Notice when timestamp column does not have default value * Fri Feb 20 2015 ecsosAATTopensuse.org- update to 4.3.10 (2015-02-20) - fix bug Undefined index navwork - sf#4744 Opening console scroll down the page - fix bug Remove extra column heading in view structure page - fix bug Add missing confirmation when deleting central columns - fix bug Undefined index DisableIS - sf#4763 Database export with more than 512 tables fails - sf#4769 Previously set column aliases are destroyed if returned to the same table - sf#4752 Incorrect page after creating table - sf#4771 Central Columns not working, showing error * Fri Feb 06 2015 ecsosAATTopensuse.org- update to 4.3.9 (2015-02-05) - sf#4728 Incorrect headings in routine editor - sf#4730 Notice while browsing tables when phpmyadmin pma database exists, but not all the tables - sf#4729 Display original field when using \"Relational display column\" option and display column is empty - sf#4734 Default values for binary fields do not support binary values - sf#4736 Changing display options breaks query highlighting - fix bug Undefined index submit_type - sf#4738 Header lose align when scrolling in Firefox - sf#4741 in ./libraries/Advisor.class.php#184 vsprintf(): Too few arguments - sf#4743 Unable to move cursor with keyboard in filter rows box - fix bug Incorrect link in doc - sf#4745 Tracking does not handle views properly - sf#4706 Schema export doesn\'t handle dots in db/table name - sf#3935 Table Header not displayed correct (Safari 5.0.5 Mac) - sf#4750 Disable renaming referenced columns - sf#4748 Column name center-aligned instead of left-aligned in Relations * Sat Jan 24 2015 ecsosAATTopensuse.org- update to 4.3.8 (2015-01-24) - fix bug Undefined constant PMA_DRIZZLE - sf#4712 Wrongly positioned date-picker while Grid-Editing - sf#4714 Forced ORDER BY for own sql statements - sf#4721 Undefined property: stdClass::$version - sf#4719 \'only_db\' not working - sf#4700 Error text: Internal Server Error - sf#4722 Incorrect width table summary when favorite tables is disabled - sf#4716 Collapse all in navigation panel is sometimes broken - sf#4724 Cannot navigate in filtered table list - sf#4717 Database navigation menu broken when resolution/screen is changing - sf#4727 Collation column missing in database list when DisableIS is true - fix bug Undefined index central_columnswork - fix bug Undefined index favorite_tables * Sat Jan 17 2015 ecsosAATTopensuse.org- update to 4.3.7 (2015-01-15) - sf#4694 js error on marking table as favorite in Safari (in private mode) - sf#4695 Changing $cfg[\'DefaultTabTable\'] doesn\'t update link and title - fix bug Undefined index menuswork - fix bug Undefined index navwork - fix bug Undefined index central_columnswork - sf#4697 Server Status refresh not behaving as expected - fix bug Null argument in array_multisort() - sf#4699 Navigation panel should not hide icons based on \'TableNavigationLinksMode\' - sf#4703 Unsaved schema page exported as pdf.pdf - sf#4707 Call to undefined method PMA_Schema_PDF::dieSchema() - sf#4702 URL is non RFC-2396 compatible in get_scripts.js.php * Thu Jan 08 2015 ecsosAATTopensuse.org- update to 4.3.6 (2015-01-07) - fix bug Undefined index notices while configuring recent and favorite tables - sf#4687 Designer breaks without configuration storage - sf#4686 Select elements flicker and selects something else - sf#4689 Setup tool creates \"pma__favorites\" incorrectly - sf#4685 Call to a member function isUserType() on a non-object - sf#4691 Do not include console when no server is selected - sf#4688 File permissions in archive - sf#4692 Dynamic javascripts gives 500 when db selected * Mon Jan 05 2015 chrisAATTcomputersalat.de- fix for boo#911360 * problems with pma__config enabled by default in phpMyAdmin- rework config patch * fix for pma storage config (disabled by default)- add phpMyAdmin-pma.patch * fix create_tables.sql- fix restart_on_update * Mon Jan 05 2015 ecsosAATTopensuse.org- update to 4.3.5 (2015-01-05) - fix bug Auto-configuration: tables were not created automatically - sf#4677 Advanced feature checker does not check for favorite tables feature - sf#4678 Some of the data stored in configuration storage are not deleted upon db or table delete - sf#4679 Setup does not allow providing a name for favorites table - sf#4680 Number of favorite table are not configurable in setup - sf#4681 \'Central columns table\' field in setup does not have a description - sf#4318 Default connection collation and sorting - sf#4683 Relational data is not properly updated on table rename - sf#4655 Undefined index: collation_connection (second patch) - sf#4682 4.3.3 & 4.3.4 Import sql created by mysqldump fails on foreign keys - sf#4676 Auto-configuration issues - sf#4416 New lines are removed when grid editing (part two: TEXT) * Mon Dec 29 2014 ecsosAATTopensuse.org- update to 4.3.4 (2014-12-29) - sf#4653 Always connection error was shown, on /setup at tab \"configuration storage\" - sf#4661 Drag and drop file import always fails - sf#4651 don\'t open console with esc - sf#4664 select min() displays 1 row, but reports the table amount of rows returned - sf#4666 Undefined indexes in table stucture print view of a view - sf#4663 Export missing back ticks for order table name - sf#4668 Remove from central columns error - sf#4670 CSV import reads both commas and values into first column after first row - sf#4642 phpmyadmin often fails to load due to specific load order - sf#4671 Unable to move all columns - sf#4645 Import of export created with mysqldump - sf#4672 \"Distinct values\" does not page - sf#4667 Consistency in borders - sf#4658 Illegal string offset (Data_length, Index_length) - sf#4655 Undefined index: collation_connection - sf#4673 Delimiter causing page lock * Sun Dec 21 2014 ecsosAATTopensuse.org- update to 4.3.3 (2014-12-21) - fix bug The \"Recently used tables\" setting should be with Nav panel - sf#4647 Can\'t disable Favorites - sf#4646 Version Check Broken - sf#4630 AJAX request infinite loop - sf#4649 Attributes field size smaller than others - sf#4622 Cannot remove table ordering on a Mac - fix bug Fix initial replication configuration - fix bug Undefined index central_columnswork - sf#4657 Don\'t have default blowfish_secret - sf#4656 Some error popups fade away too quickly - sf#4648 Consistency in borders - fix bug $cfg[\'Error_Handler\'][\'display\'] no longer necessary - sf#4659 Leading and trailing whitespace in column name * Fri Dec 12 2014 ecsosAATTopensuse.org- update to 4.3.2 (2014-12-12) - sf#4628 PHP error while exporting schema as PDF - sf#4631 Server selector submits two server parameter values - sf#4629 Problem with custom SQL queries using cookie authentication - fix bug Undefined index central_columnswork - sf#4632 Notice in ./libraries/Util.class.php#1916 Undefined index: query - sf#4633 Wrong parameter in fetchValue - sf#4634 Error reporting creates an infinite loop - sf#4635 Token mismatch while creating configuration storage - sf#4640 Incorrect reference to PHP 6 - sf#3794 failure to handle repeating empty columns when importing ODS - sf#4638 Default Export Method setting broken - sf#4639 Export SQL missing indentation first field - sf#4637 Field Alignment - sf#4644 Error when browsing tables * Mon Dec 08 2014 ecsosAATTopensuse.org- update to 4.3.1 (2014-12-08) - sf#4609 \'Show all\' checkbox label is not clickable - sf#4610 JS error reporting: Hash fragment is reset - fix bug Undefined index menuswork - sf#4614 Separator between \"Show All\" and \"Number of rows\" disappears - sf#4615 SQL highlighting in process list breaks on auto refresh - sf#4616 Warning in db structure print view page - fix bug Undefined index navwork, savedsearcheswork, fields - sf#4620 Undefined index while adding to the central columns list - sf#4618 Page scrolls while GIS visualization is zoomed in/out with mousewheel - sf#4613 HHVM: method \'ob_gzhandler\' not found - sf#4593 Manual \"SELECT\" doesn\'t change active table - sf#4623 Incomplete PHP OpenSSL support - sf#4626 Ctrl + click on a column not in sort triggers a server call to erroneous url - sf#4625 \"Insufficient space to save the file\" on export SQL to file on server - sf#4627 \"file_get_contents(examples/create_tables.sql): failed to open stream\" after update - sf#4617 UI issues with sortable tables - sf#4619 SELECT LENGTH(`field`) FROM `table` does not sort * Sat Dec 06 2014 ecsosAATTopensuse.org- update to 4.3.0 (2014-12-05) + rfe #1502 Smart sorting for int keys + rfe #1521 Confirmation message when dropping user(s) + rfe #1518 Confirm dialog on accidentally leaving a page + rfe #1445 Easy access to \"SHOW CREATE ...\" + rfe #1448 Allow clicking an approximate row count to get a correct one + rfe #1487 \"Browse foreign values\" should be a modal dialog + rfe #1523 Better visual clue for table structure primary key column + rfe #982 Support for editing binary fields in hexadecimal - sf#4416 New lines are removed when grid editing + rfe #706 Multi-db privileges adding + rfe #1527 Charts for data in format + rfe Allow saving query charts as images + rfe #1145 Preview SQL instead of executing it + rfe #759 Use aliases in SQL export for tables and columns - sf#4450 Query is duplicated on Ctrl+Enter + rfe #755 Export with table/column name changes + rfe #869 Run SQL query: Allow rollback for InnoDB tables + rfe #654 Range Search Capability + rfe #1490 Dynamic process list + rfe #1522 Drag and Drop SQL import + rfe #637 Custom Field Handlers + rfe #1488 User privilege tab not shown in all relevant cases + rfe #781 Privileges for non superuser + rfe #908 Improvements for the table editor (index creation) + rfe #1426 Navigation state lost on reload - sf#4439 Table list in left panel doesn\'t expand + rfe Improved validation when inserting data + rfe #1491 Support InnoDB for database Query by example + rfe #345 Normalize a table + rfe #1123 Zeroconf PMA tables support + rfe #1492 Remove the distinct query window / Add SQL log+history panel + rfe #919 Multiple-column foreign key relation - sf#3165 Redundant foreign keys not supported - fix bug Incorrect link to documentation + rfe #857 Regexp replace - fix bug Incorrect path in change password when on reverse proxy or non-root directory + MariaDB 10+ multi-master replication support + rfe #1544 MySQL 5.7.5 compatibility + rfe #1529 Avoid session timeout when user is active - sf#4528 Can\'t import dump via SQL field + rfe #1251 Show \"Overhead\" with same precision for all tables + rfe #1546 Improve the js printf library + rfe #1542 Better error reporting in Designer - sf#4547 Micro history does not work in Users page - sf#4551 Wrong test in source code - sf#4537 BLOB inline-view JPG column transformation does not work for anything except simple queries + rfe #1535 Keyword-based autocompletion in SQL query editors - sf#4558 Unable to Add Rows while Creating Table + rfe #1547 Wrap No Tables Found message with message box - sf#4559 Logging in causes 100% CPU usage - sf#4564 Designer: spaces in table name with edit table link generates bad links - sf#4582 Debug SQL works only for the first page - sf#3869 Count( *) on information_scheme.INNODB_BUFFER_PAGE with a huge bufferpool - sf#4495 Comment lines in multiquery - sf#4535 Loads of Warnings/Notices in PMA_getServerSlaveStatus on replication slave - sf#4585 Multi query results not shown + rfe #1556 Disabling Show all - sf#4513 phpmyadmin run very slow (information_schema) - sf#4243 Super slow page rendering with tens of thousands of DBs - sf#4391 Upgraded to 4.2.0, insanely slow now + rfe #1537 PHP OpenSSL support for cookie encryption/decryption - sf#4227 Token mismatch when using HTTP AUTH and the SESSION expires- change all my old mail address in this changelog from ecsosAATTold.domain to ecsosAATTopensuse.org * Wed Dec 03 2014 ecsosAATTopensuse.org- update to 4.2.13.1 (2014-12-03) This update fixes several vulnerabilities- Security fixes: * PMASA-2014-18 (CVE-2014-9219, CWE-661 CWE-79) [boo#908364] http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php - sf#4612 [security] XSS vulnerability in redirection mechanism * PMASA-2014-17 (CVE-2014-9218, CWE-661 CWE-400) [boo#908363] http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php - sf#4611 [security] DOS attack with long passwords * Sun Nov 30 2014 ecsosAATTopensuse.org- update to 4.2.13 (2014-11-30) - sf#4604 Query history not being deleted - sf#4057 db/table query string parameters no longer work - sf#4605 Unseen messages in tracking - sf#4606 Tracking report export as SQL dump does not work - sf#4607 Syntax error during db_copy operation - sf#4608 SELECT permission issues with relations and restricted access * Thu Nov 20 2014 ecsosAATTopensuse.org- update to 4.2.12 (2014-11-20) This update fixes several vulnerabilities, as well as a number of other bug fixes.- Security fixes: * PMASA-2014-16 (CVE-2014-8961, CWE-661 CWE-23) [boo#906488] http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php - sf#4595 [security] Path traversal can lead to leakage of line count * PMASA-2014-15 (CVE-2014-8960, CWE-661 CWE-79) [boo#906487] http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php - sf#4596 [security] XSS through exception stack * PMASA-2014-14 (CVE-2014-8959, CWE-661 CWE-98) [boo#906486] http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php - sf#4594 [security] Path traversal in file inclusion of GIS factory * PMASA-2014-13 (CVE-2014-8958, CWE-661 CWE-79) [boo#906485] http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php - sf#4578 [security] XSS vulnerability in table print view - sf#4579 [security] XSS vulnerability in zoom search page - sf#4598 [security] XSS in multi submit - sf#4597 [security] XSS through pma_fontsize cookie- Other bug fixes: - sf#4574 Blank/white page when JavaScript disabled - sf#4577 Multi row actions cause full page reloads - fix ReferenceError: targeturl is not defined - fix Incorrect text/icon display in Tracking report - sf#4404 Recordset return from procedure display nothing - sf#4584 Edit dialog for routines is too long for smaller displays - sf#4586 Javascript error after moving a column - sf#4576 Issue with long comments on table columns - sf#4599 Input field unnecessarily selected on focus - sf#4602 Exporting selected rows exports all rows of the query - sf#4444 No insert statement produced in SQL export for queries with alias - sf#4603 Field disabled when internal relations used * Fri Oct 31 2014 ecsosAATTopensuse.org- update to 4.2.11 (2014-10-31) - fix ReferenceError: Table_onover is not defined - sf#4552 Incorrect routines display for database due to case insensitive checks - sf#4259 reCaptcha sound session expired problem - sf#4557 PHP fatal error, undefined function __() - sf#4568 Date displayed incorrectly when charting a timeline - sf#4571 Database Privileges link does not work - fix makegrid.js: where_clause is undefined - sf#4572 missing trailing slash (import and open_basedir) * Tue Oct 21 2014 andreas.stiegerAATTgmx.de- phpMyAdmin 4.2.10.1 [boo#902154] [CVE-2014-8326] This release fixes cross-site scripting vulnerabilities in the SQL debug output and server monitor pages. This developer option is not enabled by default. - sf#4562 [security] XSS in debug SQL output - sf#4563 [security] XSS in monitor query analyzer * Sat Oct 11 2014 ecsosAATTopensuse.org- update to 4.2.10 (2014-10-11) - sf#4361 Can\'t change font size (when config.inc.php not present) - sf#4542 Tab key in column name not shown - fix bug PDF export: title not present in PDF - sf#4543 Changing column name can break saved \"order by\" clause - sf#4545 trying to favorite table while browser localStorage is disabled throws JS error - sf#4259 reCaptcha sound session expired problem - sf#4548 Inline editing a field converts tab to spaces - sf#4252 Database-level permission bug for db names containing underscores - sf#3120 Events are not exported when using xml - sf#4554 Grid-editing timestamp column forces datepicker - sf#4556 Fast filters for tables, views etc. should be governed by NavigationTreeDisplayItemFilterMinimum * Wed Oct 01 2014 andreas.stiegerAATTgmx.de- phpMyAdmin 4.2.9.1 [bnc#899452] [CVE-2014-7217] Contains a fix for a cross-site scripting vulnerability in the table search and table structure pages which could be trigged with a crafted ENUM value - sf#4544 [security] XSS vulnerabilities in table search and table structure pages * Sat Sep 20 2014 ecsosAATTopensuse.org- update to 4.2.9 (2014-09-20) - fix bug ajax.js responseHandler: cannot read property of null - fix bug sql.js: str is undefined - sf#4524 Allow for direct selection of \"0\" on the \"user overview\" page - sf#4529 Undefined index: pos - sf#4523 tbl_change.js: insert as new row submit type on multiple selected records does not set all AUTO_INCREMENTs to 0 value - fix bug ajax.js responseHandler: another \"cannot read property\" - fix bug tbl_structure.js \"cannot read property\" * Sun Sep 14 2014 chrisAATTcomputersalat.de- fix for bnc#896635 * update to 4.2.8.1 (2014-09-13) * PMASA-2014-10 (CVE-2014-6300, CWE-661 CWE-352) http://www.phpmyadmin.net/home_page/security/PMASA-2014-10.php - sf#4530 [security] DOM based XSS that results to a CSRF that creates a ROOT account in certain conditions * Fri Sep 05 2014 chrisAATTcomputersalat.de- rollback changes introduced by fix for bnc#894107 cause they broke apache pkg. * Sun Aug 31 2014 ecsosAATTopensuse.org- update to 4.2.8 (2014-08-31) - sf#4516 Odd export behavior - sf#4519 Uncaught TypeError: Cannot read property \'success\' of null - sf#4520 sql.js: cannot read property - sf#4521 Initially allowed chart types do not match selected data - sf#4518 Export to SQL: CREATE TABLE option AUTO_INCREMENT ignored - sf#4522 Duplicate column names while assigning index - sf#4487 Export of partitioned table does not import - fix bug server_privileges.js: cannot read property - sf#4527 Importing ODS files with column names having trailing spaces fails - sf#4413 Navigation Error in Nav Tree for Search Results Past the First Page - fix bug functions.js: Cannot read property \'replace\' of undefined * Fri Aug 29 2014 chrisAATTcomputersalat.de- fix for bnc#894107 * fix post/postun for systemd * Tue Aug 19 2014 chrisAATTcomputersalat.de- fix changes file * add missing PMASA / CVE info * Mon Aug 18 2014 andreas.stiegerAATTgmx.de- fix for bnc#892401 * update to 4.2.7.1 * PMASA-2014-8 (CVE-2014-5273, CWE-661 CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-8.php - sf#4501 [security] XSS in table browse page - sf#4502 [security] Self-XSS in enum value editor - sf#4503 [security] Self-XSSes in monitor - sf#4504 [security] Self-XSS in query charts - sf#4517 [security] XSS in relation view * PMASA-2014-9 (CVE-2014-5274, CWE-661 CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-9.php - sf#4505 [security] XSS in view operations page * Thu Jul 31 2014 ecsosAATTopensuse.org- update to 4.2.7 (2014-07-31) - sf Broken links on home page - sf#4494 Overlap in navigation panel - sf#4427 Action icons not in horizontal order - sf#4493 s_attention.png is missing - sf#4499 Uncaught TypeError: Cannot call method \'substr\' of undefined - sf#4498 PMA 4.2.x and HHVM - sf#4500 mysql_doc_template is not defined * Fri Jul 18 2014 ecsosAATTopensuse.org- update to 4.2.6 (2014-07-17) - sf#4471 Undefined index warning with referenced column. - sf#4027 $cfg[\'MaxExactCount\'] is ignored when BROWSING is back - sf#4482 Multi Column sorting (improved user experience) - sf#4478 Server validation does not work while in setup/mysqli - sf Undefined variable when grid editing a foreign key column - sf#4481 mult_submits.inc.php Undefined variable Error - sf#4485 Sorting breaks the copy column feature - sf#4440 Javascript error when renaming table - sf#4483 \'New window\' link (selflink) disappears, causing Javascript error - sf#4489 Incorrect detection of privileges for routine creation - sf#4459 First few characters of database name aren\'t clickable when expanded - fix for PMASA-2014-4 (CVE-2014-4954, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-4.php * sf#4486 [security] XSS injection due to unescaped table comment - fix for PMASA-2014-5 (CVE-2014-4955, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-5.php * sf#4488 [security] XSS injection due to unescaped table name (triggers) - fix for PMASA-2014-6 (CVE-2014-4986, CWE-661, CWE-79) http://www.phpmyadmin.net/home_page/security/PMASA-2014-6.php * sf#4492 [security] XSS in AJAX confirmation messages - fix for PMASA-2014-7 (CVE-2014-4987, CWE-661) http://www.phpmyadmin.net/home_page/security/PMASA-2014-7.php * sf#4491 [security] Missing validation for accessing User groups feature * Thu Jun 26 2014 ecsosAATTopensuse.org- update to 4.2.5 (2014-06-26) - sf#4467 shell_exec() has been disabled for security reasons - sf#4470 Error while submitting empty query - sf#4463 Fatal error: Class \'PMA_DatabaseInterface\' not found - sf#4469 Fixed cookie based login for installations without mcrypt - sf#4473 incorrect result count when having clause is used - mcrypt: remove the requirement (64-bit) and the related warning * Sat Jun 21 2014 ecsosAATTopensuse.org- update to 4.2.4 (2014-06-20) - sf#4449 Mediawiki export does not produce table header row; also fix related PHP warnings - sf#4442 New lines are added to query every time - sf#4445 Fatal error on SQL Export of join query - sf#4448 Dump binary columns in hexadecimal notation not working - Regenerate cookie encryption IV for every session - sf#4405 Cannot import (open_basedir): fix another case - sf#4457 SQL tab - Insert queries not showing affected row count - bug Missing warning about existing account, on multi-server config - sf#4435 WHERE clause can be undefined - bug SQL export views as tables option getting ignored * fix for PMASA-2014-3 ( CVE-2014-4349, CWE-661, CWE-79 ) http://www.phpmyadmin.net/home_page/security/PMASA-2014-3.php - sf#4464 [security] XSS injection due to unescaped db/table name in navigation hiding * fix for PMASA-2014-2 ( CVE-2014-4348, CWE-661, CWE-79 ) http://www.phpmyadmin.net/home_page/security/PMASA-2014-2.php - sf#4465 [security] XSS injection due to unescaped db/table name in recent/favorite tables * Mon Jun 09 2014 andreas.stiegerAATTgmx.de- update to 4.2.3: - sf#4423 Moving fields not working - sf#4424 Table indexes disappear after altering field - sf#4432 Error while displaying chart at server level - sf#4405 Cannot import (open_basedir) - sf#4396 Problem copying constraints (such as Sakila) - sf#4433 Missing privileges submenu - sf#4394 Drop db confirmation message when dropping a user - sf#4436 Insert form numeric field with function drop-down list - sf#4437 Problems due to missing enforcement of the minimum supported MySQL version - Add enforcement of the minimum supported PHP version (5.3.0) - bug: Query error on submitting a column change form containing a disabled input field - bug: Incorrect menu tab generation from usergroups - bug: Missing space in index creation/edit generated query - sf#4434 Unchecking \'Show SQL queries\' results NaN * Tue May 20 2014 ecsosAATTopensuse.org- update to 4.2.2 (2014-05-20) - sf#4388 Disable database expansion when enabled throws Error 500 when database name is clicked in navigation tree - sf#4414 table display of performance_schema DB structure - sf#4411 Protect Binary Columns: many problems - sf#4395 BLOB link transformation is broken - sf Respect [\'ShowCreateDb\'] in the navi panel - sf#4392 Cannot see databases in nav panel on databases grouping when disabled database expansion - sf#4419 No more calendar into search tab - sf#4398 Monitor should fit into screen width - sf#4418 When copying databases, primary key attributes get lost - sf#4421 empty maxInputVars on js/messages.php * Tue May 13 2014 ecsosAATTopensuse.org- update to 4.2.1 (2014-05-13) - sf#4380 Cannot display table structure with enums containing special characters - sf#4381 Cannot remove the last remembered sorted column - sf Correctly fetch length of user and host fields in MySQL tables - sf#4364 examples/signon.php does not support the SessionSavePath directive - sf#4382 Missing source for OpenLayers library - sf Incorrect attributes for number fields - sf#4383 Cannot update values in Zoom search - sf#4313 GIS Visualization Extension does not work with PointFromText() function - sf#4384 Incorrect \"Rows\" total shown when truncating or dropping a table on DB Structure page - sf#4385 Grid edit on sorted columns fails - sf#4389 Null checkbox covering data input when editing - sf#4390 Data type changing by itself (no size but attribute present) * Thu May 08 2014 ecsosAATTopensuse.org- update to 4.2.0 (2014-05-08) + rfe #1403 Export only triggers + rfe #1483 Export Server/Database/Table without triggers + rfe #1662 Add table comment tool tip in database structure page + rfe #1447 Single table for display Character Sets and Collations + rfe #1455 Display icons/text/both for the table row actions + rfe #1473 Transformation to convert Boolean value to text - sf#4157 Changing users password will delete it + rfe #1474 Text transformation combines Append and Prepend + Added warning about the mysql extension being deprecated and removed the extension directive + Added support for scatter charts + rfe #1478 Make Column Headings Sticky + rfe #1480 Enhance privileges initials table + rfe #1472 [interface] Break \"Edit privileges\" with sub-menus + rfe #1466 Minor refactoring required + rfe #1004 Create indexes at the end in SQL export + rfe #1479 Relations edit form for larger monitors + rfe #1475 Inline query box vertical resize + rfe #1500 [interface] Add bottom border to top menu container + rfe #1498 Add datepicker for \'TIME\' type - sf#4237 HTTP Referer disclosure in SQL links + rfe Show full names on navigation hover + rfe #1505 Behaviour on click on a routine in nav panel + rfe #1418 Support more than one separating character on CSV import + rfe #569 Load/Save Query By Example - sf#4281 Grid edit ENUM field, dialog disappears when trying to select - sf#4304 DB export using zip compression generates an empty archive + rfe #1508 confirmation message at the top - sf#4306 breadcrubs wrong on table create + rfe #1511 better validate database name for copying + rfe #1510 Database tab \"Drop\" button should be a link + rfe #1513 Highlight required form fields after failed submission + rfe #1460 Redirect to login page after session has expired - sf#4316 Grid edit: can\'t change month on date fields + rfe #1501 add maxlength by field with length-spec + rfe #1512 Import happily doesn\'t do anything with no file name provided + rfe #1514 Add function to all the insert boxes automatically + rfe #1515 Option to skip tables larger than n + rfe #1486 Possibility of disabling database expansion + rfe #1476 Favourite tables select box + rfe #420 $cfg[\'CharEditing\']=\'textarea\' for structure edit + rfe #1329 Avoid editing of fields which are part of relation + rfe [interface] Highlight active left menu item in setup + rfe Filter on-screen rows during Browse Removed support for SQL Validator (SOAP service no longer offered) - sf#4352 Settings > Manage: incorrect messages - sf#4337 \"More\" in Actions area doesn\'t collapse to fit available space - sf#4375 Group two DB, one\'s name is the prefix of the other one - sf#4070 Confusing database/table grouping - sf#4366 Creating Index doesn\'t update index-list * Sat Apr 26 2014 andreas.stiegerAATTgmx.de- phpMyAdmin 4.1.14 * sf#4365 Creating bookmark with multiple queries not working * sf#4372 Changing browser transformation results in unnecessary table rebuild * sf#4375 Group two DB, one\'s name is the prefix of the other one * sf#4376 [interface] Login fields show in separate line * Sun Apr 13 2014 ecsosAATTopensuse.org- update to 4.1.13 (2014-04-13) * sf#4279 CTRL + up or down moves 2 fields * sf#4336 List server css style wrong * sf Missing value on the Status > Server page * sf#4347 Fixed PHP Parse error in Advisor * sf#4350 Deleting the DB if it is renamed by the same name * sf#4353 makeProfilingChart is not defined * sf#4355 Precision specifier for DOUBLE type is truncated * sf#4346 Incorrect \"Export incomplete\" message * sf#4359 Notices on create table page * sf#4356 GROUPed selects show number of rows as if not grouped * sf#4357 JS Form submitted on \"enter\" even if focus is inside a select field * Thu Mar 27 2014 ecsosAATTopensuse.org- update to 4.1.12 (2014-03-27) * sf#4334 Add event : datepicker won\'t open * sf#4338 Fix missing value error while executing SQL query * TCPDF library is now optional dependency * sf#4326 Cannot find the import plugins which start with uppercase \'I\' * Sat Mar 22 2014 andreas.stiegerAATTgmx.de- phpMyAdmin 4.1.11: * sf#4335 reCaptcha problem (4.1.10 regression) * Sat Mar 22 2014 ecsosAATTopensuse.org- update to 4.1.10 (2014-03-22) * sf#4301 Grid edit: \"SELECT\" query is replaced by \"UPDATE\" query after edit * sf#4278 reCaptcha re-login requires double effort * sf#4324 Datepicker not showing up on insert page * sf#3991 Problem selecting item in select boxes with the ENTER keystroke in some browsers * sf#4323 QueryWindow ignores CodeMirror * sf None of the live charts shown on \"Status -> Monitor\" (Chrome) * Sat Mar 08 2014 ecsosAATTopensuse.org- update to 4.1.9 (2014-03-06) * sf#4279 CTRL + up or down moves two fields (part one) * sf#4294 output as text radio clickable for \"OpenDocument Text\" export * sf#4297 DROP DATABASE tick box in export no longer works * sf#4291 Unable to export comments in OpenDocument text format * sf#4299 Deletion even when the user says \"No\" to the confirmation message * sf#4303 \"New\" link in navi panel is shown even if no privileges * sf#4302 Some params are being omitted from microhistory * sf#4298 Missing validation on Import CSV: \"Columns enclosed with\" and \"Columns escaped with\" * sf#4040 Fatal error while resetting settings * sf#4305 JS error when editing procedure from nav panel * sf#4308 Edit routine form submitting when pressing enter * sf#4307 Nav: \"Columns\" won\'t expand with specific schema * Wed Feb 26 2014 chrisAATTcomputersalat.de- fix changes file * Sat Feb 22 2014 ecsosAATTopensuse.org- update to 4.1.8 (2014-02-22) * sf#4276 Login loop on session expiry * sf#4249 Incorrect number of result rows for SQL with subqueries * sf#4275 Broken Link to php extension manual * sf#4053 List of procedures is not displayed after executing with Enter * sf#4081 Setup page content shifted to the right edge of its tabs * sf#4284 Reordering a column erases comments for other columns * sf#4286 Open \"Browse\" in a new tab * sf#4287 Printview - Always one column too much * sf#4288 Expand database (+ icon) after timeout doesn\'t do anything * sf#4285 Fixed CSS for setup * Fixed altering table to DOUBLE/FLOAT field * sf#4292 Success message and failure message being shown together * sf#4293 opening new tab (using selflink) for import.php based actions results in error and logout * Sun Feb 09 2014 ecsosAATTopensuse.org- fix for bnc#864917 * PMASA-2014-1 ( CVE-2014-1879, CWE-661 CWE-79) * update to >= 4.1.7- update to 4.1.7 (2014-02-09) * sf#4245 initial Browse query does not match sorting order * sf#4250 Notice on export page * sf#4253 \"New\" text in navigation frame acts like a database * sf#4262 Cannot define a column with fractional seconds * sf#4265 Missing datepicker icon for DATETIME(length) * sf#4257 Hide fractional seconds when applicable * sf#4264 Uncheck \"Ignore\" while inserting, upon leaving a textarea * sf#4260 reCaptcha is ignoring language settings * sf#4259 reCaptcha sound session expired problem * sf#4263 Japanese character encoding not working properly when exporting * sf#4269 Notice on table relation page * sf#4270 Bad text-color for table comments * sf#4278 reCaptcha re-login requires double effort * sf#4272 Incorrect tabindex * sf#4271 Query by example and the second criteria line * sf#4242 Wildcard-containing only_db failure in sidebar * Sun Jan 26 2014 ecsosAATTopensuse.org- update to 4.1.6 (2014-01-26) * sf#4232 User not found after creating the user * sf#4241 Confusing dialog when trying to create an already existing user * sf#4239 Missing LIMIT clause for some queries * rfe #1489 Do not show create icon when user has no privileges * sf#4218 Chrome behavior with date fields * sf#3579 NOW() function incorrectly selected (regression) * sf#4244 Advisor complaints about MariaDB 10.x is version less than 5.1 * sf#3889 When login fails and error display is active, login data is displayed (regression) * sf#4247 open_basedir warnings on export page * sf#4013 AJAX request waiting until version info is retrieved * sf#4248 js error when changing number of columns in status monitor * Fri Jan 17 2014 andreas.stiegerAATTgmx.de- phpMyAdmin 4.1.5 * sf#3780 Allow aborting loading pages * sf#4223 Database list: Create database misses collation column * sf#4224 Empty table names when a table is \"inuse\" * sf#4225 Partition maintenance broken * sf#4219 Table list (left panel) does not reload when table renamed * sf#4230 \"in use\" displayed for all views in database print view * sf#4226 Notice: Undefined index: pma_config_loading * sf#4221 Bzip2 export cannot be directly imported (so withdraw bz2 export) * sf#4204 Reloading user privileges hides user groups submenu * sf#4231 DATE columns quick edit decrement by one day * Wed Jan 08 2014 ecsosAATTopensuse.org- update to 4.1.4 (2014-01-07) * sf#3840 (additional fix) When exporting to gzip format, the data is compressed 2 times * sf#4209 Missing compression in one case * sf#4208 Can\'t browse tables after sorting on columns with fieldnames that have a \'-\' * sf#4184 Switch to wrong page after adding an index * sf#3885 Additional fix for this bug * sf#4212 Table \"disappears\" if it has the same name as its tablegroup * sf#4213 Datetime Quick Edit decrements by one day * sf#4217 Current value not highlighted when browsing foreign values * sf#4220 Incorrect key values in foreign key browser * sf#4215 MariaDB 5.5: error in Drizzle detection * Wed Jan 01 2014 andreas.stiegerAATTgmx.de- add source URL, see https://en.opensuse.org/SourceUrls * Wed Jan 01 2014 ecsosAATTopensuse.org- update to 4.1.3 (2013-12-31) * sf#3938 PDFDefaultPageSize doc and easy configurability * sf#4198 Hovering over pie chart gives fatal JS error * sf#4200 Missing syntax highlighting * sf#4201 Exports are not compressed * sf#4131 Import: \"number of rows to skip\" is ambiguous * sf#4205 Add a user shows additional \"edit user group\" link * sf#4202 Cannot read property \'token\' of undefined * sf#4203 On refreshing designer, $.FullScreen is undefined * sf#3920 Lost space in navigation area- Fix python-bytecode-inconsistent-mtime * Mon Dec 23 2013 ecsosAATTopensuse.org- update to 4.1.2 (2013-12-23) * sf#4178 Quick edit for BIT type does not work * sf#2760 Warn about incomplete exports * sf#4190 Fractional seconds cause row update even if the value is not changed * sf#4170 Overflow scroll for table grid is not a good solution * sf#2961 Relations settings not updated on config change * sf#4187 SQL query inline edit doesn\'t post changes on the first run * rfe #1465 Docs for connections to IPv6 only MySQL instances * rfe #1468 [interface] No floating for server breadcrumb menu * Tue Dec 17 2013 ecsosAATTopensuse.org- update to 4.1.1 (2013-12-17) * sf#4154 Error using UNION query * sf#4173 Transformations overview not reachable * sf#4149 Js freezes in the management of replication * sf#3903 Query fails when using aliases after ordering result * sf#4181 Adding columns in table creation clears existing columns * sf#4023 Requires wildcard EXECUTE/ALTER ROUTINE on DB to allow Procedures to be executed by user * sf#4186 Adding a column when creating a table does not propagate index info * sf#4185 Unable to execute create procedure statement from query window * Sun Dec 15 2013 ecsosAATTopensuse.org- update to 4.1.0 (2013-12-11) * rfe #499 On user creation, warn if the user already exists * Use indeterminate check all checkbox in server privileges * Break server_status.php functions into smaller functions * PMA_DBI functions in database_interface.lib.php renamed to be compliant with PEAR standards * [interface] Make warning about existing config directory clearer * rfe #1414 Allow specifying controlport * PMA_DBI functions in database interface libraries renamed to be compliant with PEAR standards * rfe #1412 Creating a view from an empty set of results * Improved layout on db and table operations pages * rfe #1410 Added support for AES_ENCRYPT for blob fields * rfe #1423 Clarify option text for icon/text settings * [interface] Upgraded CodeMirror to 3.x series * rfe #1363 Improved query profiler * [interface] rfe #1429 Better suggestion for database name * rfe #1433 Support relations with ndbcluster * sf#3962 Proper escaping of JSON export * rfe #1382 Optional ReCAPTCHA support * rfe #1434 Improvements to the table browsing navigation bar * rfe #1233 and rfe #1283 Improvements to Relation View interface * rfe #1397 Use fractional seconds in time, datetime, and timestamp * rfe #175 Allow cross-database relations * [core] Dropped support for PHP 5.2. * rfe #487 and rfe #1405 Find and Replacing column wise * rfe #1373 Use same create view dialog for editing a view * rfe #316 Configurable menus; allow user groups with customized menus per group * sf#4024 Editing field a record is selected by makes pma load forever * sf#4035 Query \"inline\" link disappears when turning off \"Explain SQL\" option * rfe #1385 Hide tables, functions, procedures, events and views in navigation tree * rfe #1321 Export view as if it was a table * Dropped configuration directive: SQP * Dropped configuration directive: MySQLManual * * rfe #1041 and bug #2954 Improved support for SSL connections between MySQL and phpMyAdmin * sf#4056 Language: Vague error message when adding a varchar field * [setup] rfe #1452 Use type=\"password\" for server passwords * rfe #1451 HTML5 input tag enhancements * sf#1193 Text field too small when editing a row longer than $cfg[\'LimitChars\'] * Privileges tab for table level * sf#4068 Headline in operations not readable in IE10 * sf#4000 \"Table does not contain unique column\" message appears after adding a unique column * rfe #1428 add \'new database\' entry to nav tree * rfe #1457 Stone Age icon found * rfe #1463 Filter tables and databases by regular expression * Change the proxy variable names in the config to remove the VersionCheck prefix from them * Added an Error Reporting Component * Javascript files are no longer uglified * sf#4145 Config screen fails to validate MemoryLimit = -1 (new default) * sf#4123 Double config including * sf#4134 After deleting all rows on a page, it returns to a blank page * Dropped configuration directive: DisableIS, ShowDatabasesCommand * sf#4152 Not possible to enter % for search in date fields * sf#3931 IN Clause search does not permit multiple values * sf#4086 Clicking OK from edit popup opens new tab * sf#2983 unknown table status: TABLE_TYPE * sf#4030 ORDER BY SUM(`field`) does not sort DESC * sf#4133 CSV import breaks when no blank line at end of file * sf#4153 Unable to import if newline encoding is MAC style * sf#4096 horizontal scrollbar should not overflow on the left column * sf#4159 bug with navigation between database and table filter * sf#4119 Huge session data with $cfg[\'Error_Handler\'][\'gather\'] * sf#4169 Table list jumps to table on click * sf#4168 Rename multiple columns is not working * Fri Dec 06 2013 ecsosAATTopensuse.org- update to 4.0.10 (2013-12-04) * sf#4150 Clicking database name in query window opens a new tab * sf#4141 Wrong page is shown after editing; also, do not show a modal dialog for multi-row edit * sf#3939 PHP NavigationTree error when paging through list * sf#4075 Support A10 Networks load balancer * sf#4083 row deleting isn\'t binlogs friendly * sf#4163 Setup script does not recognize manually-configured server * sf#4158 Events page says no privileges with ALL PRIVILEGES * Sun Nov 10 2013 ecsosAATTopensuse.org- update to 4.0.9 (2013-11-04) * sf#4104 Can\'t edit updatable view when searching * sf#4108 Missing refresh by deleting databases * sf#3995 Drizzle server charset notice * sf#3911 Filtering database names includes empty groupings * sf#3678 Does not display or manipulate bit(64) fields appropriately * sf#4129 Unneeded navi panel refresh * sf#4120 SSL redirects to port 80 * sf#4144 DROP DATABASE displays wrong database name * sf#4059 Running delete query asks for confirmation but says it was already executed * sf#4147 Accessibility: Images without Alt nor title attribute * Mon Oct 07 2013 ecsosAATTopensuse.org- update to 4.0.8 (2013-10-06) * sf#3988 Rename view is not working * sf#4041 Interaction between linkified fields and grid editing * sf#3975 Table grouping isn\'t implemented properly * sf#4060 Browser tries to remember wrong password when creating new user * sf#4002 Edit Index on big table doesn\'t show \"Loading\" or any message * sf#4098 Default table tab is ignored * sf#4099 Server/library difference warning: setting is ignored * sf#4100 table tree group strategy * sf#4102 ALTER TABLE ORDER BY and InnoDB * sf#4103 Tracking report: cannot delete a statement * sf#3996 Drizzle navigation doesn\'t expand * sf#4074 GIS column editor: point not displayed * sf#4109 Drizzle tables in navigation are shown as views * sf#4095 NUL symbols added to the end of database dump file * sf#4105 More disappears in table Structure * sf#3992 Multi-row edit doesn\'t clear values when checking NULL * Sun Sep 29 2013 ecsosAATTopensuse.org- update to 4.0.7 (2013-09-23) * sf#3993 Sorting in database overview with statistics doesn\'t work * bug Handle the situation where PHP_SELF is not set * sf#4080 Overwrite existing file not obeyed * sf#3929 Database-specific privileges are not copied when cloning user * sf#3997 Error handling in case MySQL extension is missing * sf#4089 Moving Columns will alter column definition * sf#4091 Insert ignore option does not work * sf#4090 Downloading BLOB downloads page template * sf#4092 Clicking on table name in view of information_schema redirects to wrong page * sf#4079 Copy Table Add AUTO_INCREMENT value checkbox not working * sf#4088 MySQL server version at index.php incorrect w/ controlhost * sf#4001 Import error: Class \'ImportOds\' not found * sf#3986 Missing DROP VIEW button * Sat Sep 07 2013 ecsosAATTopensuse.org- update to 4.0.6 (2013-09-05) * sf#4036 Call to undefined function mb_detect_encoding (clarify the doc) * sf Missing hints when changing a column\'s structure * sf#4048 Cannot select foreign value in Search * sf#4025 gzip export is not actually compressed with mod_deflate * sf#4054 query analysis doesn\'t launch in status monitor * Add pmahomme icon credits (FamFamFam silk icon set) * sf#4064 Table structure statistics \"Space usage\" caption too small for l10n * sf#4051 Wrong tabindex when inserting rows * sf#4066 varchar field not truncated in table browse mode * rfe #1435 Opening database should expand it in the navigation menu * (performance) Removed ShowTooltip directive * sf#4046 Exporting huge Tables causes memory-Problems * Wed Aug 07 2013 chrisAATTcomputersalat.de- fix for bnc#833731 * PMASA-2013-10 (CVE-2013-5029 CWE-661 CWE-693) http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php * Mon Aug 05 2013 obsAATTladisch.de- update to 4.0.5 (2013-08-04) * sf#3977 Not detected configuration storage * sf#3970 Pressing enter in the filter field reloads page * sf#3984 Cannot insert in this table (PHP < 5.4) * sf#3989 Reloading privileges does not update the interface * sf#3960 NavigationBarIconic config not honored * sf#3985 Call to undefined function mb_detect_encoding * sf#4007 Analyze option not shown for InnoDB tables * sf#4015 Forcing a storage engine for configuration storage * bug Incorrect Drizzle 7 detection * sf#4019 Create database if not exists (export): add an option to the interface to enable generating CREATE DATABASE and USE (false by default) * sf#4012 Crash on CSV file import * sf#4009 Statistic Monitor shows only last 3 digits in graph * sf#3998 Non-permanent SQL history not working * sf#3578 Transformations for text/plain on a BLOB column * [security] Improved protection against cross framing, see PMASA-2013-10 (CVE-2013-5029 CWE-661 CWE-693) * Reinstated configuration directive: AllowThirdPartyFraming- fix for bug sf#4038: PMASA-2013-8 not mentioned in 4.0.4.2 changes- add CVEs to 4.0.4.2 changes * Mon Jul 29 2013 chrisAATTcomputersalat.de- fix for bnc#831896 * multiple XSS issues (+ a SQL injection and full path disclosure flaw) * fix for PMASA-2013-8 (CVE-2013-4995 CWE-661 CWE-79) * fix for PMASA-2013-9 (CVE-2013-4996 CVE-2013-4997 CWE-661 CWE-79 CWE-80) * fix for PMASA-2013-11 (CVE-2013-4996 CWE-300 CWE-79) * fix for PMASA-2013-12 (CVE-2013-4998 CVE-2013-4999 CVE-2013-5000 CWE-661 CWE-200) * fix for PMASA-2013-13 (CVE-2013-5001 CWE-661 CWE-79 CWE-80) * fix for PMASA-2013-14 (CVE-2013-5002 CWE-661 CWE-79) * fix for PMASA-2013-15 (CVE-2013-5003 CWE-661 CWE-89 CWE-269)- update to 4.0.4.2 (2013-07-28) * [security] fix unescaped parameter, see PMASA-2013-8 * [security] Fix stored XSS in Server status monitor, see PMASA-2013-9 * [security] Fix stored XSS in navigation panel logo link, see PMASA-2013-9 * [security] Fix self-XSS in setup, trusted proxies validation, see PMASA-2013-9 * [security] Fix full path disclosure, see PMASA-2013-12 * [security] Fix control user SQL injection in pmd_pdf.php, see PMASA-2013-15 * [security] Fix control user SQL injection in schema_export.php, see PMASA-2013-15 * [security] Fix self-XSS in schema export, see PMASA-2013-14 * [security] Fix unencoded json object, see PMASA-2013-11 * [security] Fix stored XSS in link transformation plugin, see PMASA-2013-13 * Wed Jul 03 2013 obsAATTladisch.de- update to 4.0.4.1 (2013-06-30) * [security] Global variables scope injection vulnerability (PMASA-2013-7, CVE-2013-4729) * Tue Jun 18 2013 ecsosAATTopensuse.org- update to 4.0.4 (2013-06-17) * sf#3959 Using DefaultTabDatabase in NavigationTree for Database Click * sf#3961 Avoid Suhosin warning when in simulation mode * sf#3897 Row Statistics and Space usage bugs * sf#3966 Only display \"table has no unique column\" message when applicable * sf#3960 NavigationBarIconic config not honored * sf#3965 Default language wrong with zh-TW * sf#3921 Call to undefined function PMA_isSuperuser() if default server is not set * sf#3971 Ctrl/shift + click opens links in same window * sf#3964 Import using https does not work * fix bug Missing removeCRLF option in ExportCsv and ExportExcel plugins * sf#3631 Drop not working Visio schema export. * sf#3645 Better handling of invalid ODS documents * sf#3976 Number of pages * sf#3922 User privileges, database name unescaped * Wed Jun 12 2013 chrisAATTcomputersalat.de- fix changelog * add missing \'fix for bnc#xxxxxx * Thu Jun 06 2013 ecsosAATTopensuse.org- update to 4.0.3 (2013-06-05) * sf#3941 Recent tables list always empty * sf#3933 Do not translate \"Open Document\" in export settings * sf#3927 List of tables is missing after expanding in the navigation frame * sf#3942 Warnings about reserved word for many non reserved words * sf#3912 Exporting row selection, resulted by ORDER BY query * sf#3957 Cookies must be enabled past this point * sf#3956 \"Browse foreign values\" search filter / page selector not working * sf#3579 NOW() function incorrectly selected (partial regression) * [security] Javascript execution vulnerability in Create view, reported by Maxim Rupp (see PMASA-2013-6)- fix for bnc#824306 * PMASA-2013-6 (CVE-2013-3242) * Sat May 25 2013 ecsosAATTopensuse.org- update to 4.0.2 (2013-05-24) * sf#3902 Cannot browse when table name contains keyword \"call\" * center loading indicator for navigation refresh, related to bug #3920 * sf#3925 Table sorting in navigation panel is case-sensitive * sf#3915 Import of CSV file (Replace table data with file) with duplicate values * sf#3907 undefined variables, function parameter problems * sf#3898 Structure not refreshed after column drop * sf#3926 View is not updatable * sf#3919 PropertiesIconic not honored * sf#3930 Databases to choose for specific privileges show up escaped * sf#3910 Export database with empty table as a php array, does not produce valid PHP * sf#3936 Query profiler chart not loading from SQL Query page * sf#3946 Missing CSV import option \"Do not abort on INSERT error\" * sf#3943 Missing Operations>Table options>AUTO_INCREMENT * bug Missing CREATE DATABASE statement when exporting at database level * sf#3924 Show warning when CSV file does not contain data for all columns * sf#3947 Missing Sql Query after modify structure * sf#3948 Server export problems * sf#3917 CountTables directive is deprecated * Wed May 15 2013 ecsosAATTopensuse.org- update to 4.0.1.0 (2013-05-14) * sf#3879 Import broken for CSV using LOAD DATA * sf#3889 When login fails and error display is active, login data is displayed * sf#3890 [import] Web server upload directory import fails * sf#3891 [import] Server upload folder import file name missing in success message * rfe #1421 [auth] Add retry button on connection failure with config auth * sf#3894 [interface] Provide feedback if no columns selected for multi-submit * sf#3799 [interface] Incorrect select field change on ctrl key navigation in Firefox * sf#3885 [browse] display_binary_as_hex option causes unexpected behavior * sf#3899 Git commit links to Github missing * sf#3900 CSP WARN in Firefox console * sf#3901 Setup script warning for config auth (stored login data) shows link BBcode * sf#3895 [browse] Fixed getting BLOB data * sf#3905 [export] Custom Exporting exports all databases * sf#3909 [import] Import of CSV FIle to selected table doesn\'t work * sf#3904 Browsing an empty table should not display its Structure * sf#3908 Calendar widget improperly redirects to home * sf#3918 Greyed out tabs when there are no rows fixed * sf#3916 [interface] Missing scrollbar (original theme) * [vendor] add tcpdf path to vendor_config.php * bug fix compat with tcpdf >= 6.0 (tested with 6.0.012) * Fri May 03 2013 ecsosAATTopensuse.org- update to 4.0.0 (2013-05-03) * Patch #3481047 for rfe #3480477 Insert as new row enhancement * Patch #3480999 Activate codemirror in the query window * Patch #3495284 XML Import - fix message and redirect * rfe #3484063 Null checkbox behavior * Patch #3497179 Contest-5: Add user: Allow create DB w/same name + grant u_% * Patch #3498201 Contest-6: Export all privileges * Patch #3502814 for rfe #3187077 Change password buttons should match * rfe #3488640 Expand table-group in non-light navigation frame if only one * Patch #3509360 Contest-3: Option \"Truncate table\" before \"insert\" * Patch #3506552 Contest-2: Show index information in the data dictionary * Patch #3510656 Contest-1: Ignoring foreign keys while dropping tables * sf#3509686 Reverting sort on joined column does not work * New transformation: append string * rfe #3507804 Session upload progress (PHP 5.4) * rfe #3488185 draggable columns vs copy column name * Patch #3507001 Contest-4: Textarea for large character columns * Removed the PHP version of the ENUM editor * Patch #3507111 Display distinct results, linked to corresponding data rows * sf#3507917 [export] JSON has unescaped values for allegedly numeric columns * rfe #3516187 show tables creation, last update, last check timestamps in db_structure * sf#3059806 Supporting running from CIFS/Samba shares * sf#3516341 [export] Open Document Text, Word and Texy! Text show table structure twice * sf [export] Texy! Text: Columns containing Pipe Character don\'t export properly * [export] Show triggers in Open Document Text, Word and Texy! Text * Patch #3415061 [auth] Login screen appears under the page * rfe #3517354 [interface] Allow disabling CodeMirror with $cfg[\'CodemirrorEnable\'] = false * rfe #3475567 [interface] New directive $cfg[\'HideStructureActions\'] * sf#3468272 [import] Fixed import of ODS with more paragraphs in a cell * sf#3510196 [core] Improved redirecting with ForceSSL option * rfe #3518852 [edit] edit blob but not other binary, new option $cfg[\'ProtectBinary\'] = \'noblob\' * Hide language select box if there are no locales installed * Removed some directives: verbose_check, SuggestDBName, LightTabs, VerboseMultiSubmit, ReplaceHelpImg * Patch #3500882 Fixing checkbox behaviour while editing identical rows * rfe #3441722 [interface] Display description of datatypes * rfe #3517835 [structure] Move columns easily * Ajaxified \"Create View\" functionality * [import] New plugin: import mediawiki * New navigation system * Discontinued the use of a frame-based layout * rfe #3528994 [interface] Allow wrapping possibly long values in replication-status table * [interface] Autoselect username input on cookie login page * sf#3563799 [interface] Grid editing destroying huge amount of data * [import] Remove support for the unactive docSQL import format * sf#3577443 [edit] \"Browse foreign values\" does not show on ajax edit * rfe #3522109 [browse] Grid editing: action to trigger it (or disable) * sf#3526598 [interface] SQL query not shown when creating table * Dropped configuration directive: AllowThirdPartyFraming * Dropped configuration directive: LeftFrameLight * Dropped configuration directive: DisplayDatabasesList * Dropped configuration directives: ShowTooltipAliasDB and ShowTooltipAliasTB * Dropped configuration directive: NaviDatabaseNameColor * Added configuration directive: MaxNavigationItems * Renamed configuration directive: LeftFrameDBTree => NavigationTreeEnableGrouping * Renamed configuration directive: LeftFrameDBSeparator => NavigationTreeDbSeparator * Renamed configuration directive: LeftFrameTableSeparator => NavigationTreeTableSeparator * Renamed configuration directive: LeftFrameTableLevel => NavigationTreeTableLevel * Renamed configuration directive: LeftPointerEnable => NavigationTreePointerEnable * Renamed configuration directive: LeftDefaultTabTable => NavigationTreeDefaultTabTable * Renamed configuration directive: LeftDisplayTableFilterMinimum => NavigationTreeDisplayTableFilterMinimum * Renamed configuration directive: LeftDisplayLogo => NavigationDisplayLogo * Renamed configuration directive: LeftLogoLink => NavigationLogoLink * Renamed configuration directive: LeftLogoLinkWindow => NavigationLogoLinkWindow * Renamed configuration directive: LeftDisplayServers => NavigationDisplayServers * Renamed configuration directive: LeftRecentTable => NumRecentTables * Renamed configuration directive: LeftDisplayDatabaseFilterMinimum => NavigationTreeDisplayDbFilterMinimum * Removed the \"Mark row on click\" feature; must now click the checkbox to mark * Removed the \"Synchronize\" feature * Improved layout of server variables page * rfe #1052091 [config] Double-underscores in PMA table names * Improved the \"More\" dropdown on the table structure page * [interface] Added \"scroll to top\" link in menubar * [designer] Fullscreen mode for the designer * Upgraded jquery to v1.8.3 and jquery-ui to v1.9.2 * Patch #3597529 [status] Add raw value as title on server status page * Support MySQL 5.6 partitioning * Removed the AjaxEnable directive * rfe #3542567 Accept IPv6 ranges and IPv6 CIDR notations in $cfg[\'Servers\'][$i][\'AllowDeny\'][\'rules\'] * sf#3576788 Grid editing shows the value before silent truncation * Upgraded jqPlot to 1.0.4 r1121 * Upgraded to jquery-ui-timepicker-addon 1.1.1 * rfe #3599046 [interface] Added comments for indexes * Replaced qtip with jQuery UI tooltip * Upgraded CodeMirror to 2.37 * sf#2951 [export] Correctly export decimal fields. * sf#3762 [core] Make Advisor work on Windows withou COM extension. * sf#3519 [export] Prevent infinite recursion in PDF export. * sf#3827 Table specific privileges not displayed for db name containing underscore * rfe #1386 Add IF NOT EXISTS clause when copying database * No longer package .travis.yml configuration file when creating a release. * sf#3830 Can\'t export custom query because it lowercases table names * sf#3829 Enabling query profiling crashes javascript based navigation * rfe #879 Reserved word warning * Remove the database ordering sub-feature of the only_db directive * sf#3840 When exporting to gzip format, the data is compressed 2 times * rfe #1319 Permit to create index when creating foreign key * sf#3703 Incorrect updating of the list of users * sf#3853 Blowfish implementation might be broken (replace with phpseclib) * sf#3865 Using like operator on each backslash needs 4 backslash protection * sf#3860 Displayed git revision info is not set * sf#3871 Check referential integrity broken across databases * sf#3874 [export] No preselected option when exporting table * sf#3873 Can\'t copy table to target database if table exists there * sf#3683 Incorrect listing of records from to count * sf#3876 [import] PHP 5.2 - unexpected T_PAAMAYIM_NEKUDOTAYIM * [security] Local file inclusion vulnerability, reported by Janek Vind (see PMASA-2013-4) * [security] Global variables overwrite in export.php, reported by Janek Vind (see PMASA-2013-5) * sf#3892 [export] SQL Export files are empty- fix for bnc#824304 * PMASA-2013-4 (CVE-2013-3240)- fix for bnc#824305 * PMASA-2013-5 (CVE-2013-3241) * Wed Apr 24 2013 ecsosAATTopensuse.org- update to 3.5.8.1 (2013-04-24) * [security] Remote code execution (preg_replace), reported by Janek Vind (see PMASA-2013-2) * [security] Locally Saved SQL Dump File Multiple File Extension Remote Code Execution, reported by Janek Vind (see PMASA-2013-3)- fix for bnc#824301 * PMASA-2013-2 (CVE-2013-3238)- fix for bnc#824302 * PMASA-2013-3 (CVE-2013-3239) * Mon Apr 08 2013 ecsosAATTopensuse.org- update to 3.5.8 (2013-04-08) * sf#3828 MariaDB reported as MySQL * sf#3854 Incorrect header for Safari 6.0 * sf#3705 Attempt to open trigger for edit gives NULL * Use HTML5 DOCTYPE * [security] Self-XSS on GIS visualisation page, reported by Janek Vind see PMASA-2013-1 * sf#3800 Incorrect keyhandler behaviour #2- fix for bnc#814678 * PMASA-2013-1 (CVE-2013-1937) * Fri Mar 15 2013 chrisAATTcomputersalat.de- update to 3.5.7.0 (2013-02-15) * sf#3779 [core] Problem with backslash in enum fields * sf#3816 Missing server_processlist.php * sf#3821 Safari: white page * Correct detection of the Chrome browser * Mon Feb 04 2013 drahtAATTsuse.de- update to 3.5.6.0 (2013-01-28) * sf#3593604 [status] Erroneous advisor rule * sf#3596070 [status] localStorage broken in server status monitor * sf#3598736 [routines] Editing a procedure with special characters * sf#3600322 [core] Visualize GIS data throws Fatal Error * sf#3599362 [core] Double-escaped error message * sf#3776 [cookies] Login without auth on second server * Wed Jan 16 2013 chrisAATTcomputersalat.de- update to 3.5.5.0 (2012-12-21) * sf#3563824 [export] Support Apache\'s mod_deflate * sf#3585523 [interface] Inline query editing broken after row update * sf#3586389 [setup] Cannot switch language in /setup * sf#3585695 [CSS] Font size in inline query editor is way too big * sf#3588354 [l10n] Portuguese Language not displaying correctly * sf#3591412 [status] Live charts don\'t work for non-default server * sf[core] Proxy ajax calls to pma.net to avoid browser notices * sf#3593534 [tracking] Structure Snapshot on tracked view renders invalid SQL * sf#3544366 [events] Event comments not saved * Sat Dec 15 2012 chrisAATTcomputersalat.de- update to 3.5.4.0 (2012-11-16) * sf#3570212 [edit] uuid_short() is a no-arguments function * sf#3569577 [edit] Add routine parameter headers not valid for \"function\" * sf#3575799 [search] Various search operators not working as expected * sf#3576322 [search] Invalid select query generated for tables with ENUM fields * sf#3577468 [display] Incorrect imagejpeg Syntax Breaks Image Transformation * sf#3578776 [search] Editing SQL not possible when no records found * sf#3571970 [interface] Display chart and number of rows to plot * sf#3582631 [core] Wrong redirect url caused cookies error with ForceSSL * Mon Nov 05 2012 chrisAATTcomputersalat.de- update to 3.5.3.0 (2012-10-08) * sf#3539044 [interface] Browse mode \"Show\" button gives blank page if no results anymore * sf#3534979 [interface] Copy Database Ajax feedback vanishes long before copying is done * sf#3527531 [interface] GC-maxlifetime warning incorrectly displayed * sf#3526916 [interface] Search fails with JS error when tooltips disabled * sf#3544366 [interface] Event comments not saved * sf#3549084 [edit] Can\'t enter date directly when editing inline * sf#3548491 [interface] Inline query editor doesn\'t work from search results * sf#3547825 [edit] BLOB download no longer works * sf#3541966 [config] Error in generated configuration arrray * sf#3553551 [GUI] Invalid HTML code in multi submits confirmation form * [interface] Designer sometimes places tables on the top menu * sf#3546277 [core] Call to undefined function __() when config file has wrong permissions * sf#3540922 [edit] Error searching table with many fields * sf#3555104 [edit] Cannot copy a DB with table and views * sf#3559925 [privileges] Incorrect updating of the list of users * sf#3561224 [edit] cell edit date field with empty date fills in current date * sf#3559955 [edit] current_date from function drop down fails on update * sf#3562472 add support for Solaris and FreeBSD system load and memory display in server status * sf#3553068 [import] Table import from XML file fails * replace Highcharts with jqplot for Display chart * sf#3567684 [edit] Pasting value doesn\'t clear null checkbox * sf#3570786 [edit] Datepicker for date and datetime fields is broken- fix for bnc#788103 * PMASA-2012-6 (CVE-2012-5339) o http://www.phpmyadmin.net/home_page/security/PMASA-2012-6.php * PMASA-2012-7 (CVE-2012-5368) o http://www.phpmyadmin.net/home_page/security/PMASA-2012-7.php * Tue Aug 21 2012 chrisAATTcomputersalat.de- update to 3.5.2.2 (2012-08-12) - [security] Fixed XSS vulnerabilities, see PMASA-2012-4- update to 3.5.2.1 (2012-08-03) - [security] Fixed local path disclosure vulnerability, see PMASA-2012-3- fix for bnc#776701 * PMASA-2012-4 (CVE-2012-4345)- fix for bnc#776698 * PMASA-2012-3 (CVE-2012-4219) * Sun Jul 08 2012 chrisAATTcomputersalat.de- udpate to 3.5.2 (2012-07-07) * bug sf#3521416 [interface] JS error when editing index * bug sf#3521313 [core] Call to undefined function __() * bug sf#3521016 [edit] NOW() function incorrectly selected * bug [GUI] Invalid HTML code on transformation_overview.php * bug sf#3522930 [browse] Missing validation in Ajax mode * bug Fix popup message on build SQL of import * bug sf#3523499 [core] Make X-WebKit-CSP work better * replace Highcharts with jqplot for query profiling, zoom search * bug sf#3531584 [interface] No form validation in change password dialog * bug sf#3531585 [interface] Broken password validation in copy user form * bug sf#3531586 [unterface] Add user form prints JSON when user presses enter * bug sf#3534121 [config] duplicate line in config.sample.inc.php * bug sf#3534311 [interface] Grid editing incorrectly parses ENUM/SET values * bug sf#3510196 [core] More clever URL rewriting with ForceSSL- rebase config patch * Sun Jun 03 2012 chrisAATTcomputersalat.de- update to 3.5.1.0 (2012-05-03) * bug sf#3510784 [edit] Limit clause ignored when sort order is remembered * bug sf#3511471 [interface] View name not seen in navi panel (MySQL 5.1) * bug sf#3512916 [display] Right frame reloads after displaying SQL result(zero rows) * bug [interface] Fixed missing Codemirror for inline query edit when exporting a result set * bug sf#3514490 [auth] Multiple Navigation panels bug still present * bug sf#3515181 [users] Error in create user + underscore + create database * bug sf#3515666 [display] Profiling chart shows wrong data * bug sf#3516037 [auth] JS includes missing in auth config error page * bug sf#3516183 [display] Missing image extension * bug [display] Added missing icons in original theme * bug sf#3516761 [edit] Query error after search * bug sf#3516405 [display] Chart title is getting wrong within chart export * bug sf#3517021 [interface] Header links except \'More\' hide after closing dialog * bug sf#3516817 [interface] \"More\" actions in table structure * bug sf#3518484 [privileges] PMA_sqlAddSlashes() does not quote the table names correctly * bug sf#3518983 [designer] Error messages do not appear in the Designer * bug sf#3519747 [interface] Suhosin patch warning incorrectly displayed * bug sf#3520107 [interface] Server status page: Incorrect dialog box titles * bug sf#3516089 [structure] DROP does not work on defective VIEWs- rebase config patch * remove version from patch name * add missing options * Thu Apr 26 2012 chrisAATTcomputersalat.de- update to 3.4.11.0 * bug sf#3486970 [import] Exception on XML import * bug sf#3488777 [navi] $cfg[\'ShowTooltipAliasTB\'] and blank names in navigation * bug sf#3512565 [navi] Fixed missing word \"Rows\" in table list tooltip after click * Mon Apr 02 2012 chrisAATTcomputersalat.de- update to 3.4.10.2 (fix for bnc#755211) - [security] Fixed local path disclosure vulnerability, see PMASA-2012-2 http://www.phpmyadmin.net/home_page/security/PMASA-2012-2.php * Thu Feb 23 2012 chrisAATTcomputersalat.de- fix changelog * rename bugs , patches (\"{bug,patch} #....\") to fit into bug naming scheme -> \"sf#....\" * Mon Feb 20 2012 chrisAATTcomputersalat.de- update to 3.4.10.1 (fix for bnc#747841) * [security] XSS in replication setup, see PMASA-2012-1- 3.4.10.0 (2012-02-14) * sf#3460090 [interface] TextareaAutoSelect feature broken * sf#3375984 [export] PHP Array export might generate invalid php code * sf#3049209 [import] Import from ODS ignores cell that is the same as cell be fore * sf#3463933 [display] SELECT DISTINCT displays wrong total records found * sf#3458944 [operations] copy table data missing SET SQL_MODE=\'NO_AUTO_VALUE_ON_ZERO\' * sf#3469254 [edit] Setting data to NULL and drop-downs * sf#3477063 [edit] Missing set fields and values in generated INSERT query * sf#3460867 [libraries] license issue with TCPDF (updated to 5.9.145), (fix for bnc#736698) * Wed Dec 28 2011 chrisAATTcomputersalat.de- update to 3.4.9 - sf#3442028 [edit] Inline editing enum fields with null shows no dropdown - sf#3442004 [interface] DB suggestion not correct for user with underscore - sf#3438420 [core] Magic quotes removed in PHP 5.4 - sf#3398788 [session] No feedback when result is empty (signon auth_type) - sf#3384035 [display] Problems regarding ShowTooltipAliasTB - sf#3306875 [edit] Can\'t rename a database that contains views - sf#3452506 [edit] Unable to move tables with triggers - sf#3449659 [navi] Fast filter broken with table tree - sf#3448485 [GUI] Firefox favicon frameset regression - [core] Better compatibility with mysql extension - [security] Self-XSS on export options (export server/database/table), see PMASA-2011-20 - [security] Self-XSS in setup (host parameter), see PMASA-2011-19- fix for bnc#738411 * PMASA-2011-19 (CVE-2011-4780) * PMASA-2011-20 (CVE-2011-4782)- rework config patch * Fri Dec 16 2011 chrisAATTcomputersalat.de- fix changelog * add missing info for bnc#736772- fix fdupes * reduce fdupes to affected files only (./libraries,./themes) * Tue Dec 13 2011 chrisAATTcomputersalat.de- update to 3.4.8 - sf#3425230 [interface] enum data split at space char (more space to edit) - sf#3426840 [interface] ENUM/SET editor can\'t handle commas in values - sf#3427256 [interface] no links to browse/empty views and tables - sf#3430377 [interface] Deleted search results remain visible - sf#3428627 [import] ODS import ignores memory limits - sf#3426836 [interface] Visual column separation - sf#3428065 [parser] TRUE not recognized by parser + sf#3433770 [config] Make location of php-gettext configurable - sf#3430291 [import] Handle conflicts in some open_basedir situations - sf#3431427 [display] Dropdown results - setting NULL does not work - sf#3428764 [edit] Inline edit on multi-server configuration - sf#3437354 [core] Notice: Array to string conversion in PHP 5.4 - [interface] When ShowTooltipAliasTB is true, VIEW is wrongly shown as the view name in main panel db Structure page - sf#3439292 [core] Fail to synchronize column with name of keyword - sf#3425156 [interface] Add column after drop - [interface] Avoid showing the password in phpinfo()\'s output - sf#3441572 [GUI] \'newer version of phpMyAdmin\' message not shown in IE8 - sf#3407235 [interface] Entering the key through a lookup window does not reset NULL - [security] Self-XSS on database names (Synchronize), see PMASA-2011-18 - [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18 - [security] Self-XSS on column type (Create index), see PMASA-2011-18 - [security] Self-XSS on column type (table Search), see PMASA-2011-18 - [security] Self-XSS on invalid query (table overview), see PMASA-2011-18- fix for bnc#736772 (CVE-2011-4634, PMASA-2011-18) * Mon Nov 14 2011 chrisAATTcomputersalat.de- update to 3.4.7.1 (fix for bnc#728243) - [security] Fixed possible local file inclusion in XML import (CVE-2011-4107), see PMASA-2011-17 http://www.phpmyadmin.net/home_page/security/PMASA-2011-17.php * Wed Oct 26 2011 chrisAATTcomputersalat.de- update to 3.4.7 - sf#3418610 [interface] Links in navigation when $cfg[\'MainPageIconic\'] = false - sf#3418849 [interface] Inline edit shows dropdowns even after closing - bug [view] View renaming did not work - bug [navi] Wrong icon for view (MySQL 5.5) - sf#3420229 [doc] Missing documentation section - sf#3423725 [pdf] Broken PDF file when exporting database to PDF - [core] Allow to set language in URL - sf#3425184 [doc] Fix links to PHP documentation - sf#3426031 [export] Export to bzip2 is not working- 3.4.6.0 (2011-10-16) - sf#3404173 InnoDB comment display with tooltips/aliases - sf#3404886 [navi] Edit SQL statement after error - sf#3403165 [interface] Collation not displayed for long enum fields - sf#3399951 [export] Config for export compression not used - sf#3400690 [privileges] DB-specific privileges won\'t submit - sf#3410604 [config] Configuration storage incorrect suggested table name - sf#3383572 [interface] Cannot execute saved query - sf#3411535 [display] Full text button unchecks results display options - sf#3411224 [display] Broken binary column when \'Show binary contents\' is not set - sf#3411633 [core] Call to undefined function PMA_isSuperuser() - sf#3413743 [interface] Display options link missing after search - sf#3324161 [core] CSP policy causing designer JS buttons to fail - sf#3412862 [relation] Relations/constraints are dropped/created on every change - sf#3390832 [display] Delete records from last page breaks search - sf#3392150 [schema] PMA_User_Schema::processUserChoice() is broken - sf#3414744 [core] External link fails in 3.4.5 - sf#3314626 [display] CharTextareaRows is not respected - sf#3417089 [synchronize] Extraneous db choices - [security] Fixed local path disclosure vulnerability, see PMASA-2011-15 - [security] Fixed XSS in setup (host/verbose parameter), see PMASA-2011-16 * Tue Oct 04 2011 chrisAATTcomputersalat.de- update to 3.4.5 - sf#3375325 [interface] Page list in navigation frame looks odd - sf#3313235 [interface] Error div misplaced - sf#3374802 [interface] Comment on a column breaks inline editing - sf#3383711 [display] Order by a column in a view doesn\'t work in some cases - sf#3386434 [interface] Add missing space to server status - [core] Remove library PHPExcel, due to license issues - [export] Remove native Excel export modules (xls and xlsx formats) - [import] Remove native Excel import modules (xls and xlsx formats) - sf#3392920 [edit] BLOB emptied after editing another column - [security] Fixed XSS in Inline Edit on save action, see PMASA-2011-14 - [security] Fixed XSS with db/table/column names, see PMASA-2011-14 * Sat Aug 27 2011 chrisAATTcomputersalat.de- update to 3.4.4 - sf#3323060 [parser] SQL parser breaks AJAX requests if query has unclosed quotes - sf#3323101 [parser] Invalid escape sequence in SQL parser - sf#3348995 [config] $cfg[\'Export\'][\'asfile\'] set to false does not select as Text option - sf#3340151 [export] Working SQL query exports error page - sf#3353649 [interface] \"Create an index on X columns\" form not validated - sf#3350790 [interface] JS error in Table->Structure->Index->Edit - sf#3353811 [interface] Info message has \"error\" class - sf#3357837 [interface] TABbing through a NULL field in the inline mode resets NULL - remove version number in /setup - sf#3367993 [usability] Missing \"Generate Password\" button - sf#3363221 [display] Missing Server Parameter on inline sql query - sf#3367986 [navi] Drop field -> lost active table - remove misleading comment on the \"Rename database\" interface - sf#3374374 [interface] Fix footnote for inexact count while browsing - sf#3372807 [interface] Fix security warning link in setup - sf#3374347 [display] Backquotes in normal text on import page - sf#3358750 [core] With Suhosin, urls are too long in edit links - [security] Missing sanitization on the table, column and index names leads to XSS vulnerabilities, see PMASA-2011-13 * Fri Jul 29 2011 chrisAATTcomputersalat.de- update to 3.4.3.2 o PMASA-2011-9 to PMASA-2011-12 http://www.phpmyadmin.net/home_page/security/ * Mon Jul 04 2011 chrisAATTcomputersalat.de- update to 3.4.3.1 - [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-5 - [security] Fixed possible code injection incase session variables are compromised, see PMASA-2011-6 - [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7 - [security] Fixed filtering of a file path, which allowed for directory traversal, see PMASA-2011-8- 3.4.3.0 (2011-06-27) - sf#3311170 [sync] Missing helper icons in Synchronize - sf#3304473 [setup] Redefine a lable that was wrong - sf#3304544 [parser] master is not a reserved word - sf#3307616 [edit] Inline edit updates multiple duplicate rows - sf#3311539 [edit] Inline edit does not escape backslashes - sf#3313210 [interface] Columns class sometimes changed for nothing - sf#3313326 [interface] Some tooltips do not disappear - sf#3315720 [search] Fix search in non unicode tables - sf#3315741 [display] Inline query edit broken - sf#3317206 [privileges] Generate password option missing on new accounts - sf#3317293 [edit] Inline edit places HTML line breaks in edit area - sf#3319466 [interface] Inline query edit does not escape special characters - minor XSS (require a valid token)- add restart_on_update apache to post * Wed Jun 22 2011 chrisAATTcomputersalat.de- fix changelog o update to 3.4.2.0 -> update to 3.4.2- fix bnc#697748 (suhosin customization) o moved from spec\'s %post to http_conf file * Thu Jun 09 2011 jweberhoferAATTweberhofer.at- update to 3.4.2 - sf#3301249 [interface] Iconic table operations does not remove inline edit label - sf#3303869 [interface] Unnecessary scrolling on Databases page - sf#3303813 [setup] Define a label that was missing - sf#3305606 [interface] Show all button wraps on privileges page - sf#3305517 [config] Config for export compression not used - sf#3305883 [interface] Table is dropped regardless of confirmation - [auth] Fixed error handling for signon auth method. - sf#3276001 [core] Avoid caching of index.php. - sf#3306958 [interface] Unnecessary Details slider - sf#3308476 [interface] \"Show all\" not persistent after a sort - sf#3308072 [auth] Version disclosure to anonymous visitors - sf#3306981 [interface] pmahomme and table statistics * Tue May 24 2011 chrisAATTcomputersalat.de- update to 3.4.1 - bug sf#3301108 [interface] Synchronize and already configured host - bug sf#3302457 Inline edit and $cfg[\'PropertiesIconic\'] - Patch #3302313 Show a translated label - bug sf#3300981 [navi] Table filter is case sensitive - bug sf#3285929 [privileges] Revert temporary fix - bug sf#3302872 [synchronize] Synchronize and user name - bug sf#3302733 [core] Some browsers report an insecure https connection - [security] Make redirector require valid token- rework config patch - removed 3.3.8, added 3.4.1 config patch- added conftrib to doc- mod post section o modify suhosin.ini * Sat Mar 19 2011 chrisAATTcomputersalat.de- update to 3.3.10 - patch sf#3147400 [structure] Aria table size printed as unknown, thanks to erickoh75 - erickoh75 - patch sf#3150164 [structure] Ordering by size gives incorrect results, thanks to Madhura Jayaratne - madhuracj - bug sf#3153409 [core] 0 row(s) affected - bug sf#3155842 [core] Edit relational page and page number - [security] Minor security fixes, see PMASA-2010-9 and PMASA-2010-10 - [lang] German update, thanks to jannicarsAATTusers.sourceforge.net. * Wed Feb 23 2011 chrisAATTcomputersalat.de- update to 3.3.9.2 - [security] SQL injection, see PMASA-2011-2- 3.3.9.1 (2011-02-08) - [security] Path disclosure, see PMASA-2011-1- add macros for ap_usr, ap_grp- fix perm on sysconfdir o 0750,root,www * Thu Jan 27 2011 chrisAATTcomputersalat.de- update to 3.3.9 - bug [doc] Fix references to MySQL doc - sf#3101490 Default function for TIMESTAMP, thanks to jirand - jirand - sf#3103853 [js] Double quotes were not escaped in generated js - sf#3077463 [core] Events were not copied when copying/renaming database - sf#1762306 [core] Copy database with view of a view - sf#3117535 [replication] Add quotes to database in initial statement, thanks to Craig Duncan - duncan3dc - sf#3112614 [pdf schema] Scratchboard for PDF pages not working - sf#3125606 [parser] Query for table \"level\" causes strange display - sf#3127904 [parser] Close all opened round brackets indents- removed Authors from spec * Fri Dec 03 2010 chrisAATTcomputersalat.de- update to 3.3.8.1 - sf#3115519 (private) [security] XSS on db search, see PMASA-2010-8- rework config patch o add AllowNoPassword * Wed Oct 27 2010 javierAATTopensuse.org- update to 3.3.8 - sf#3059311 [import] BIGINT field type added to table analysis - [core] Update library PHPExcel to version 1.7.4 - sf#3062455 [core] copy procedures and routines before tables - sf#3062455 [export] with SQL, export procedures and routines before tables - sf#3056023 [import] USE query not working - sf#3038193 [display] Error when editing row with GEOMETRY column - sf#3062454 [interface] Display routines/events also when no tables are defin ed - support ARIA storage engine as well as its previous name MARIA * Wed Sep 22 2010 mciharAATTsuse.cz- update to 3.3.7 * Wed Jul 07 2010 chrisAATTcomputersalat.de- update to version 3.3.4- sf#2996161 [import] properly escape import value- sf#2998889 [import] Import button does not work in Catalan- [browse] Fix handling of sort order if only column is specified. + [lang] Greek update, thanks to Panagiotis Papazoglou - panos78 + [lang] Updated lot of translation based on work done in master branch.- sf#3008411 [databases] Last dropped database remains active in navi- sf#2986383 [parser] Not all data being shown / counted- bug [synchronize] Rows were deleted in target table regardless of the \"Would you like to delete...\" option- bug [privileges] List of tables not shown when the db name has a wildcard- sf#3011126 [display] Edit link missing after long query- sf#3013264 [doc] FAQ 1.40 uses a comma instead of a period, thanks to Isaac Bennetch - ibennetch- [engines] Fix getting InnoDB status.- sf#2986422 [import] Results for query are not displayed * Fri May 21 2010 chrisAATTcomputersalat.de- update to version 3.3.3 - sf#2982480 [navi] Do not group if there would be one table in group - sf#2983492 [sync] When asking to synchronize Structure and Data, only Structure is done - sf#2984893 [engines] InnoDB storage page emits a warning - sf#2974687, sf#2974692 [compatibility] PHPExcel : IBM AIX iconv() does not work - sf#2983066 [interface] Flush table on table operations shows the query twice - sf#2983060, sf#2987900 [interface] Fix initial state of tables in designer - sf#2983062, sf#2989408 [engines] Fix warnings when changing table engine to Maria - sf#2974067 [display] non-binary fields shown as hex - sf#2983065 [operations] Error when changing from Maria to MyISAM engine - sf#2975408 [tracking] Data too long for column data_sql - bug [tracking] Tracking report should obey MaxCharactersInDisplayedSQL - bug [edit] Avoid selecting UNHEX function by default for a BLOB column for which editing is protected - sf#2994168 [structure] Show auto_increment in uppercase - sf#2993970 [pdf schema] Page numbering in Table of Contents- 3.3.2.0 (2010-04-13) - sf#2969449 [core] Name for MERGE engine varies depending on the MySQL version, thanks to Dieter Adriaenssens - ruleant - sf#2966078 [browse] Incorrect LIMIT is saved and sticks while browsing - sf#2967366 [Structure] Some results of Propose table structure are shown in hex - sf#2967565 [insert] UNHEX not selected by default when inserting BINARY - [navi] Changed link to git repository on main page - sf#2972232 [menu] Import menu tab not present on main page - sf#2976790 [menu] Go to the upper level after table DROP, thanks to Kaarel Nummert - kaarelnu - sf#2978815 [pdf] Fix generating PDF with table dimensions, thanks to BlinK_ - sf#2977725 [export] XML wrongly encoded, thanks to Victor Volkov - hanut - sf#2979234 [import] Create tables with current charset and collation. - sf#2979234, sf#2960105 [import] Properly import unicode text from ODS. - sf#2973280 [export] Proper handling of temporary directory in XLS export. - sf#2980582 [interface] Properly format server status parameter. - sf#2973949 [session] SQL History broken (revert sf#2899969), thanks to Dieter Adriaenssens - ruleant - [doc] Be more specific about problems with Suhosin. * Fri Mar 26 2010 chrisAATTcomputersalat.de- update to version 3.3.1 - sf#2941037 [core] Database structure not sorted by table correctly - sf#2948492 [interface] Slide effect masks some fields on search page - sf#2959746 [interface] Unknown table status: TABLE_TYPE - sf#2953050 [export] export VIEW as SQL includes INSERT statement - sf#2942032 [core] Cannot detect PmaAbsoluteUri correctly on Windows - sf#2961609 [auth] Potential information disclosure at login page - sf#2961540 [export] Do not export data of MERGE table, thanks to Dieter Adriaenssens - ruleant - sf#2961198 [parser] Querying a table named \"data\" - sf#2931429 [structure] Editing long triggers - sf#2970769 [structure] Incorrect reference to mootools-more.js- cleanup spec - fixed HEADER - sort TAGS - some macros (ap_...) - updated description - added postun o restart_on_update apache2- some rpmlint stuff - fdupes- reworked patches - removed blowfish_secret - removed mysqli.patch - added config patch o mods to vendor_config- replaced Source1 phpmyadmin.conf > phpMyAdmin.http- config.inc.php to /etc/phpMyAdmin * Wed Mar 10 2010 javierAATTopensuse.org- Updated to 3.3.0 + rfe #2308632 [edit] Use hex for (var)binary fields + sf#2794819 [navi] Filter for displayed table names - sf#2794840 [core] Cannot redeclare pma_tableheader() - rfe #2726479 [core] configurable maximal length of URL + sf#2724755 [display] Full/partial text links (big T) are back - bug [display] handle NavigationBarIconic as documented for navi buttons + rfe #2726479 [export] Export tables preselect + sf#2805828 [export] PHP array export plugin + sf#2798592 [import] Progress bar - bug [gui] Generate Password not working for \'Change Login Information\', only for \'Change password\' + [lang] Arabic update + rfe #2822190 [structure] BOOLEAN is standard SQL + [lang] German update + rfe #2813867 [structure] Default sorting order in list of tables + [import] Added MySQL type-detection functionality to import library + [import] Added ODS, Excel XLS, Excel XLSX, and XML import modules + [export] Added Excel XLSX export module + [core] Added ability for tracking changes made through phpMyAdmin + rfe #2839504 [engines] Support InnoDB plugin\'s new row formats + [core] Added ability for synchronizing databases among servers. + [lang] #2843101 Dutch update + [lang] Galician update + [export] Added MediaWiki export module + [lang] Turkish update + [auth] Add custom port configuration in signon - [core] Removed context from the error handler - sf#2883633 [export] Export of InnoDB table is incomplete + rfe #2862575 [status] Order query statistics by % desc, skip rows with 0 + rfe #2823686 [interface] Increase default height of query window + rfe #2129902 [structure] Don\'t hide indexes + sf#2812070 [interface] Allow selecting a range of rows by holding shift + [lang] Russian update, thanks to Victor Volkov + [lang] Greek update, thanks to Panagiotis Papazoglou + [lang] Norwegian update, thanks to Sven-Erik Andersen - sf#2929958 [import] Cannot import (French interface) - [security] Use X-Frame-Options header to protect against ClickJacking. + [lang] Finnish update, thanks to Jouni Kahkonen + [lang] Lithuanian update, thanks to Rytis Slatkevicius - rytis_s - sf#2931939 [status] Seeing \"m\" as unit is confusing - sf#2926613 [edit] Copy database shows errors when DB has foreign key + [lang] Catalan update, thanks to Xavier Navarro * Wed Jan 20 2010 javierAATTopensuse.org- Updated to 3.2.5 - sf#2903400 [bookmarks] Status of bookmark table, thanks to Virsacer - virsacer - bug [history] QueryHistoryDB is not respected - sf#2905629 [auth] Blowfish secret is not hashed - sf#2910000 [gui] ShowServerInfo should hide all server info from main page - sf#2910568 [structure] Table size for ARCHIVE tables is not displayed - sf#2899969 [core] Session lock blocks working from a second window, thanks to Greg Roach - fisharebest - sf#2915168 [import] Incorrect parsing of DELIMITER keyword, thanks to Greg Roach - fisharebest - sf#2918831 [export] Missing backquotes on reserved words, thanks to Virsacer - virsacer - [core] Fix broken cleanup of $_GET - sf#2924357 [operations] Cannot rename a database that has foreign key constraints - sf#869006 [structure] Ignore number of records for MRG_MyISAM tables - bug [browse] \"Show BLOB contents\" should display HTML code that is present in a BLOB, thanks to Vincent van der Tuin - [privileges] Improve escaping of hostname * Tue Nov 10 2009 javierAATTopensuse.org- sf#2856664 [export] Date, time, and datetime column types now export correctly to OpenOffice Spreadsheet- sf#2859788 [parser] Double-character delimiters (sf#2846239)- sf#2832600 [export] Slow export when having lots of databases- sf#2537766 [import] Comments are stripped when editing store procedures- sf#2852370 [operations] Renaming database deletes triggers- sf#2872247 [interface] Failed opening required \'mysql_charsets.lib.php\'- bug [structure] \"In use\" table incorrectly reported as \"view\"- sf#2879909 [interface] Removed double htmlspecialchars when editing enum column- sf#2868328 [relations] Adding foreign key when table name contains a dot- sf#2883381 [doc] Side effects of MemoryLimit setting- sf#2826128 [display] Inverting sort order when expression contains a function name * Fri Sep 18 2009 javierAATTopensuse.org- sf#2825293 [structure] Default value for a BIT column- bug [display] Red arrows were reversed in the list of tables- sf#2813879 [export] Duplicate empty lines when exporting without comments- sf#2825919 [export] Trigger export with database name- sf#2823996 [data] Cannot edit row with no PK and a BIT field- bug [export] Exporting results of a query which contains a LIMIT clause inside a subquery- sf#2837722 [export] Run complex SQL then export does not work- sf#2839548 [export] Triggers order on export- sf#2826986 [display] Order by BLOB and range display- bug [display] After clicking on Show Function or Function, the UPDATE query is not shown after execution- bug [structure] Missing validation for BINARY and VARBINARY * Sun Aug 16 2009 javierAATTopensuse.org- sf#2799009 Login with ipv6 IP address breaks redirect- sf#2796066 [priv] Inconsistent display of databases list- sf#2802870 [display] Incorrect overhead value for InnoDB- bug [display] Incorrect display in replication status- sf#1601625 [display] The Ignore checkbox is not unchecked for ENUM- sf#2809930 [setup] Notice: Undefined variable: k in setup/index.php- bug [features] Incorrect report of missing relational features- [security] XSS: Insufficient output sanitizing (not exploitable without a vali d token) thanks to Sven Vetsch/Disenchant for informing us in a responsible manner- sf#2634827 [import] Using DELIMITER produces infinite cycle + new language files: uzbek_cyrillic and urbek_latin- sf#2814109 [search] Right frame is blank- sf#2816840 [priv] Cannot change a user\'s details- sf#2816165 [display] Executed query not always displayed- sf#2819944 [setup] Incorrect mention of designer_coords- sf#2821757 [insert] \"Insert another new row\" no longer worked + [lang] Norwegian update- bug [core] PMA_pow() can support negative exponents in the pow() case + [lang] Brazilian Portuguese update- sf#2822384 [docs] Missing auth_type in docs-example- sf#2819728 [display] Slider effect jumping to top of page- bug [display] Incorrect computation of overhead stats in server view for tables under the InnoDB engine + [lang] Swedish update * Fri Jul 24 2009 javierAATTopensuse.org- First security release for phpMyAdmin 3.2.0 * Sun Jun 28 2009 javierAATTopensuse.org- update to 3.2.0
|
|
|